picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #13246 from keszybz/add-SystemdOptions-efi-variable 

Add efi variable to augment /proc/cmdline
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2019-10-03 12:19:44 +02:00 committed by GitHub
parent 68e70ac2b2 4e5aa79185
commit 86e94d95d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
58 changed files with 1608 additions and 1380 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/ENVIRONMENT.md
View File

@ -36,10 +36,13 @@ All tools:
* `$SD_EVENT_PROFILE_DELAYS=1` — if set, the sd-event event loop implementation
will print latency information at runtime.
* `$SYSTEMD_PROC_CMDLINE` — if set, may contain a string that is used as kernel
command line instead of the actual one readable from /proc/cmdline. This is
useful for debugging, in order to test generators and other code against
specific kernel command lines.
* `$SYSTEMD_PROC_CMDLINE` — if set, the contents are used as the kernel command
line instead of the actual one in /proc/cmdline. This is useful for
debugging, in order to test generators and other code against specific kernel
command lines.
* `$SYSTEMD_EFI_OPTIONS` — if set, used instead of the string in SystemdOptions
EFI variable. Analogous to `$SYSTEMD_PROC_CMDLINE`.
* `$SYSTEMD_IN_INITRD` — takes a boolean. If set, overrides initrd detection.
This is useful for debugging and testing initrd-only programs in the main

20
man/bootctl.xml
View File

@ -133,6 +133,15 @@
and the firmware's boot loader list.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>is-installed</option></term>
<listitem><para>Checks whether <command>systemd-boot</command> is installed in the ESP. Note that a
single ESP might host multiple boot loaders; this hence checks whether
<command>systemd-boot</command> is one (of possibly many) installed boot loaders — and neither
whether it is the default nor whether it is registered in any EFI variables.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>random-seed</option></term>
@ -150,12 +159,13 @@
</varlistentry>
<varlistentry>
<term><option>is-installed</option></term>
<term><option>system-options</option> <optional><replaceable>VALUE</replaceable></optional></term>
<listitem><para>Checks whether <command>systemd-boot</command> is installed in the ESP. Note that a
single ESP might host multiple boot loaders; this hence checks whether
<command>systemd-boot</command> is one (of possibly many) installed boot loaders — and neither
whether it is the default nor whether it is registered in any EFI variables.</para></listitem>
<listitem><para>When called without the optional argument, prints the current value of the
<literal>SystemdOptions</literal> EFI variable. When called with an argument, sets the
variable to that value. See
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
for the meaning of that variable.</para></listitem>
</varlistentry>
<varlistentry>

12
man/kernel-command-line.xml
View File

@ -27,9 +27,12 @@
<refsect1>
<title>Description</title>
<para>The kernel, the initial RAM disk (initrd) and
basic userspace functionality may be configured at boot via
kernel command line arguments.</para>
<para>The kernel, the initial RAM disk (initrd) and basic userspace functionality may be configured at
boot via kernel command line arguments. In addition, various systemd tools look at the EFI variable
<literal>SystemdOptions</literal> (if available). Both sources are combined, but the kernel command line
has higher priority. Please note that <emphasis>the EFI variable is only used by systemd tools, and is
ignored by the kernel and other user space tools</emphasis>, so it is not a replacement for the kernel
command line.</para>
<para>For command line parameters understood by the kernel, please
see
@ -449,7 +452,8 @@
<citerefentry><refentrytitle>systemd-backlight@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-rfkill.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-firstboot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd-firstboot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>
</refsect1>

14
man/systemd.xml
View File

@ -916,13 +916,13 @@
<refsect1>
<title>Kernel Command Line</title>
<para>When run as system instance systemd parses a number of
kernel command line arguments<footnote><para>If run inside a Linux
container these arguments may be passed as command line arguments
to systemd itself, next to any of the command line options listed
in the Options section above. If run outside of Linux containers,
these arguments are parsed from <filename>/proc/cmdline</filename>
instead.</para></footnote>:</para>
<para>When run as the system instance systemd parses a number of options listed below. They can be
specified as kernel command line arguments<footnote><para>If run inside a Linux container these arguments
may be passed as command line arguments to systemd itself, next to any of the command line options listed
in the Options section above. If run outside of Linux containers, these arguments are parsed from
<filename>/proc/cmdline</filename> instead.</para></footnote>, or through the
<literal>SystemdOptions</literal> EFI variable (on EFI systems). The kernel command line has higher
priority. Following variables are understood:</para>
<variablelist class='kernel-commandline-options'>
<varlistentry>

2
src/backlight/backlight.c
View File

@ -13,7 +13,7 @@
#include "main-func.h"
#include "mkdir.h"
#include "parse-util.h"
#include "proc-cmdline.h"
#include "reboot-util.h"
#include "string-util.h"
#include "strv.h"
#include "util.h"

895
src/basic/cgroup-util.c
View File

@ -31,7 +31,6 @@
#include "mkdir.h"
#include "parse-util.h"
#include "path-util.h"
#include "proc-cmdline.h"
#include "process-util.h"
#include "set.h"
#include "special.h"
@ -408,173 +407,6 @@ int cg_kill_recursive(
return ret;
}
int cg_migrate(
const char *cfrom,
const char *pfrom,
const char *cto,
const char *pto,
CGroupFlags flags) {
bool done = false;
_cleanup_set_free_ Set *s = NULL;
int r, ret = 0;
pid_t my_pid;
assert(cfrom);
assert(pfrom);
assert(cto);
assert(pto);
s = set_new(NULL);
if (!s)
return -ENOMEM;
my_pid = getpid_cached();
do {
_cleanup_fclose_ FILE *f = NULL;
pid_t pid = 0;
done = true;
r = cg_enumerate_processes(cfrom, pfrom, &f);
if (r < 0) {
if (ret >= 0 && r != -ENOENT)
return r;
return ret;
}
while ((r = cg_read_pid(f, &pid)) > 0) {
/* This might do weird stuff if we aren't a
* single-threaded program. However, we
* luckily know we are not */
if ((flags & CGROUP_IGNORE_SELF) && pid == my_pid)
continue;
if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
continue;
/* Ignore kernel threads. Since they can only
* exist in the root cgroup, we only check for
* them there. */
if (cfrom &&
empty_or_root(pfrom) &&
is_kernel_thread(pid) > 0)
continue;
r = cg_attach(cto, pto, pid);
if (r < 0) {
if (ret >= 0 && r != -ESRCH)
ret = r;
} else if (ret == 0)
ret = 1;
done = false;
r = set_put(s, PID_TO_PTR(pid));
if (r < 0) {
if (ret >= 0)
return r;
return ret;
}
}
if (r < 0) {
if (ret >= 0)
return r;
return ret;
}
} while (!done);
return ret;
}
int cg_migrate_recursive(
const char *cfrom,
const char *pfrom,
const char *cto,
const char *pto,
CGroupFlags flags) {
_cleanup_closedir_ DIR *d = NULL;
int r, ret = 0;
char *fn;
assert(cfrom);
assert(pfrom);
assert(cto);
assert(pto);
ret = cg_migrate(cfrom, pfrom, cto, pto, flags);
r = cg_enumerate_subgroups(cfrom, pfrom, &d);
if (r < 0) {
if (ret >= 0 && r != -ENOENT)
return r;
return ret;
}
while ((r = cg_read_subgroup(d, &fn)) > 0) {
_cleanup_free_ char *p = NULL;
p = path_join(empty_to_root(pfrom), fn);
free(fn);
if (!p)
return -ENOMEM;
r = cg_migrate_recursive(cfrom, p, cto, pto, flags);
if (r != 0 && ret >= 0)
ret = r;
}
if (r < 0 && ret >= 0)
ret = r;
if (flags & CGROUP_REMOVE) {
r = cg_rmdir(cfrom, pfrom);
if (r < 0 && ret >= 0 && !IN_SET(r, -ENOENT, -EBUSY))
return r;
}
return ret;
}
int cg_migrate_recursive_fallback(
const char *cfrom,
const char *pfrom,
const char *cto,
const char *pto,
CGroupFlags flags) {
int r;
assert(cfrom);
assert(pfrom);
assert(cto);
assert(pto);
r = cg_migrate_recursive(cfrom, pfrom, cto, pto, flags);
if (r < 0) {
char prefix[strlen(pto) + 1];
/* This didn't work? Then let's try all prefixes of the destination */
PATH_FOREACH_PREFIX(prefix, pto) {
int q;
q = cg_migrate_recursive(cfrom, pfrom, cto, prefix, flags);
if (q >= 0)
return q;
}
}
return r;
}
static const char *controller_to_dirname(const char *controller) {
const char *e;
@ -740,253 +572,6 @@ int cg_get_path_and_check(const char *controller, const char *path, const char *
return cg_get_path(controller, path, suffix, fs);
}
static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct FTW *ftwbuf) {
assert(path);
assert(sb);
assert(ftwbuf);
if (typeflag != FTW_DP)
return 0;
if (ftwbuf->level < 1)
return 0;
(void) rmdir(path);
return 0;
}
int cg_trim(const char *controller, const char *path, bool delete_root) {
_cleanup_free_ char *fs = NULL;
int r = 0, q;
assert(path);
r = cg_get_path(controller, path, NULL, &fs);
if (r < 0)
return r;
errno = 0;
if (nftw(fs, trim_cb, 64, FTW_DEPTH|FTW_MOUNT|FTW_PHYS) != 0) {
if (errno == ENOENT)
r = 0;
else
r = errno_or_else(EIO);
}
if (delete_root) {
if (rmdir(fs) < 0 && errno != ENOENT)
return -errno;
}
q = cg_hybrid_unified();
if (q < 0)
return q;
if (q > 0 && streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
q = cg_trim(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, delete_root);
if (q < 0)
log_warning_errno(q, "Failed to trim compat systemd cgroup %s: %m", path);
}
return r;
}
/* Create a cgroup in the hierarchy of controller.
* Returns 0 if the group already existed, 1 on success, negative otherwise.
*/
int cg_create(const char *controller, const char *path) {
_cleanup_free_ char *fs = NULL;
int r;
r = cg_get_path_and_check(controller, path, NULL, &fs);
if (r < 0)
return r;
r = mkdir_parents(fs, 0755);
if (r < 0)
return r;
r = mkdir_errno_wrapper(fs, 0755);
if (r == -EEXIST)
return 0;
if (r < 0)
return r;
r = cg_hybrid_unified();
if (r < 0)
return r;
if (r > 0 && streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
r = cg_create(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path);
if (r < 0)
log_warning_errno(r, "Failed to create compat systemd cgroup %s: %m", path);
}
return 1;
}
int cg_create_and_attach(const char *controller, const char *path, pid_t pid) {
int r, q;
assert(pid >= 0);
r = cg_create(controller, path);
if (r < 0)
return r;
q = cg_attach(controller, path, pid);
if (q < 0)
return q;
/* This does not remove the cgroup on failure */
return r;
}
int cg_attach(const char *controller, const char *path, pid_t pid) {
_cleanup_free_ char *fs = NULL;
char c[DECIMAL_STR_MAX(pid_t) + 2];
int r;
assert(path);
assert(pid >= 0);
r = cg_get_path_and_check(controller, path, "cgroup.procs", &fs);
if (r < 0)
return r;
if (pid == 0)
pid = getpid_cached();
xsprintf(c, PID_FMT "\n", pid);
r = write_string_file(fs, c, WRITE_STRING_FILE_DISABLE_BUFFER);
if (r < 0)
return r;
r = cg_hybrid_unified();
if (r < 0)
return r;
if (r > 0 && streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
r = cg_attach(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, pid);
if (r < 0)
log_warning_errno(r, "Failed to attach "PID_FMT" to compat systemd cgroup %s: %m", pid, path);
}
return 0;
}
int cg_attach_fallback(const char *controller, const char *path, pid_t pid) {
int r;
assert(controller);
assert(path);
assert(pid >= 0);
r = cg_attach(controller, path, pid);
if (r < 0) {
char prefix[strlen(path) + 1];
/* This didn't work? Then let's try all prefixes of
* the destination */
PATH_FOREACH_PREFIX(prefix, path) {
int q;
q = cg_attach(controller, prefix, pid);
if (q >= 0)
return q;
}
}
return r;
}
int cg_set_access(
const char *controller,
const char *path,
uid_t uid,
gid_t gid) {
struct Attribute {
const char *name;
bool fatal;
};
/* cgroup v1, aka legacy/non-unified */
static const struct Attribute legacy_attributes[] = {
{ "cgroup.procs", true },
{ "tasks", false },
{ "cgroup.clone_children", false },
{},
};
/* cgroup v2, aka unified */
static const struct Attribute unified_attributes[] = {
{ "cgroup.procs", true },
{ "cgroup.subtree_control", true },
{ "cgroup.threads", false },
{},
};
static const struct Attribute* const attributes[] = {
[false] = legacy_attributes,
[true] = unified_attributes,
};
_cleanup_free_ char *fs = NULL;
const struct Attribute *i;
int r, unified;
assert(path);
if (uid == UID_INVALID && gid == GID_INVALID)
return 0;
unified = cg_unified_controller(controller);
if (unified < 0)
return unified;
/* Configure access to the cgroup itself */
r = cg_get_path(controller, path, NULL, &fs);
if (r < 0)
return r;
r = chmod_and_chown(fs, 0755, uid, gid);
if (r < 0)
return r;
/* Configure access to the cgroup's attributes */
for (i = attributes[unified]; i->name; i++) {
fs = mfree(fs);
r = cg_get_path(controller, path, i->name, &fs);
if (r < 0)
return r;
r = chmod_and_chown(fs, 0644, uid, gid);
if (r < 0) {
if (i->fatal)
return r;
log_debug_errno(r, "Failed to set access on cgroup %s, ignoring: %m", fs);
}
}
if (streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
r = cg_hybrid_unified();
if (r < 0)
return r;
if (r > 0) {
/* Always propagate access mode from unified to legacy controller */
r = cg_set_access(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, uid, gid);
if (r < 0)
log_debug_errno(r, "Failed to set access on compatibility systemd cgroup %s, ignoring: %m", path);
}
}
return 0;
}
int cg_set_xattr(const char *controller, const char *path, const char *name, const void *value, size_t size, int flags) {
_cleanup_free_ char *fs = NULL;
int r;
@ -2141,194 +1726,6 @@ fail:
done:
memcpy(ret_values, v, sizeof(char*) * n);
return 0;
}
int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) {
CGroupController c;
CGroupMask done;
bool created;
int r;
/* This one will create a cgroup in our private tree, but also
* duplicate it in the trees specified in mask, and remove it
* in all others.
*
* Returns 0 if the group already existed in the systemd hierarchy,
* 1 on success, negative otherwise.
*/
/* First create the cgroup in our own hierarchy. */
r = cg_create(SYSTEMD_CGROUP_CONTROLLER, path);
if (r < 0)
return r;
created = r;
/* If we are in the unified hierarchy, we are done now */
r = cg_all_unified();
if (r < 0)
return r;
if (r > 0)
return created;
supported &= CGROUP_MASK_V1;
mask = CGROUP_MASK_EXTEND_JOINED(mask);
done = 0;
/* Otherwise, do the same in the other hierarchies */
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *n;
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
n = cgroup_controller_to_string(c);
if (FLAGS_SET(mask, bit))
(void) cg_create(n, path);
else
(void) cg_trim(n, path, true);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return created;
}
int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) {
CGroupController c;
CGroupMask done;
int r;
r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, path, pid);
if (r < 0)
return r;
r = cg_all_unified();
if (r < 0)
return r;
if (r > 0)
return 0;
supported &= CGROUP_MASK_V1;
done = 0;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *p = NULL;
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
if (path_callback)
p = path_callback(bit, userdata);
if (!p)
p = path;
(void) cg_attach_fallback(cgroup_controller_to_string(c), p, pid);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return 0;
}
int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) {
Iterator i;
void *pidp;
int r = 0;
SET_FOREACH(pidp, pids, i) {
pid_t pid = PTR_TO_PID(pidp);
int q;
q = cg_attach_everywhere(supported, path, pid, path_callback, userdata);
if (q < 0 && r >= 0)
r = q;
}
return r;
}
int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) {
CGroupController c;
CGroupMask done;
int r = 0, q;
if (!path_equal(from, to)) {
r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, CGROUP_REMOVE);
if (r < 0)
return r;
}
q = cg_all_unified();
if (q < 0)
return q;
if (q > 0)
return r;
supported &= CGROUP_MASK_V1;
done = 0;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *p = NULL;
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
if (to_callback)
p = to_callback(bit, userdata);
if (!p)
p = to;
(void) cg_migrate_recursive_fallback(SYSTEMD_CGROUP_CONTROLLER, to, cgroup_controller_to_string(c), p, 0);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return r;
}
int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) {
CGroupController c;
CGroupMask done;
int r, q;
r = cg_trim(SYSTEMD_CGROUP_CONTROLLER, path, delete_root);
if (r < 0)
return r;
q = cg_all_unified();
if (q < 0)
return q;
if (q > 0)
return r;
supported &= CGROUP_MASK_V1;
done = 0;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
(void) cg_trim(cgroup_controller_to_string(c), path, delete_root);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return r;
}
int cg_mask_to_string(CGroupMask mask, char **ret) {
@ -2523,20 +1920,20 @@ int cg_kernel_controllers(Set **ret) {
return 0;
}
static thread_local CGroupUnified unified_cache = CGROUP_UNIFIED_UNKNOWN;
/* The hybrid mode was initially implemented in v232 and simply mounted cgroup2 on /sys/fs/cgroup/systemd. This
* unfortunately broke other tools (such as docker) which expected the v1 "name=systemd" hierarchy on
* /sys/fs/cgroup/systemd. From v233 and on, the hybrid mode mountnbs v2 on /sys/fs/cgroup/unified and maintains
* "name=systemd" hierarchy on /sys/fs/cgroup/systemd for compatibility with other tools.
/* The hybrid mode was initially implemented in v232 and simply mounted cgroup2 on
* /sys/fs/cgroup/systemd. This unfortunately broke other tools (such as docker) which expected the v1
* "name=systemd" hierarchy on /sys/fs/cgroup/systemd. From v233 and on, the hybrid mode mounts v2 on
* /sys/fs/cgroup/unified and maintains "name=systemd" hierarchy on /sys/fs/cgroup/systemd for compatibility
* with other tools.
*
* To keep live upgrade working, we detect and support v232 layout. When v232 layout is detected, to keep cgroup v2
* process management but disable the compat dual layout, we return %true on
* cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) and %false on cg_hybrid_unified().
* To keep live upgrade working, we detect and support v232 layout. When v232 layout is detected, to keep
* cgroup v2 process management but disable the compat dual layout, we return true on
* cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) and false on cg_hybrid_unified().
*/
static thread_local bool unified_systemd_v232;
static int cg_unified_update(void) {
int cg_unified_cached(bool flush) {
static thread_local CGroupUnified unified_cache = CGROUP_UNIFIED_UNKNOWN;
struct statfs fs;
@ -2545,8 +1942,10 @@ static int cg_unified_update(void) {
* have any other trouble determining if the unified hierarchy
* is supported. */
if (unified_cache >= CGROUP_UNIFIED_NONE)
return 0;
if (flush)
unified_cache = CGROUP_UNIFIED_UNKNOWN;
else if (unified_cache >= CGROUP_UNIFIED_NONE)
return unified_cache;
if (statfs("/sys/fs/cgroup/", &fs) < 0)
return log_debug_errno(errno, "statfs(\"/sys/fs/cgroup/\") failed: %m");
@ -2582,20 +1981,20 @@ static int cg_unified_update(void) {
"Unknown filesystem type %llx mounted on /sys/fs/cgroup.",
(unsigned long long)fs.f_type);
return 0;
return unified_cache;
}
int cg_unified_controller(const char *controller) {
int r;
r = cg_unified_update();
r = cg_unified_cached(false);
if (r < 0)
return r;
if (unified_cache == CGROUP_UNIFIED_NONE)
if (r == CGROUP_UNIFIED_NONE)
return false;
if (unified_cache >= CGROUP_UNIFIED_ALL)
if (r >= CGROUP_UNIFIED_ALL)
return true;
return streq_ptr(controller, SYSTEMD_CGROUP_CONTROLLER);
@ -2604,231 +2003,21 @@ int cg_unified_controller(const char *controller) {
int cg_all_unified(void) {
int r;
r = cg_unified_update();
r = cg_unified_cached(false);
if (r < 0)
return r;
return unified_cache >= CGROUP_UNIFIED_ALL;
return r >= CGROUP_UNIFIED_ALL;
}
int cg_hybrid_unified(void) {
int r;
r = cg_unified_update();
r = cg_unified_cached(false);
if (r < 0)
return r;
return unified_cache == CGROUP_UNIFIED_SYSTEMD && !unified_systemd_v232;
}
int cg_unified_flush(void) {
unified_cache = CGROUP_UNIFIED_UNKNOWN;
return cg_unified_update();
}
int cg_enable_everywhere(
CGroupMask supported,
CGroupMask mask,
const char *p,
CGroupMask *ret_result_mask) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_free_ char *fs = NULL;
CGroupController c;
CGroupMask ret = 0;
int r;
assert(p);
if (supported == 0) {
if (ret_result_mask)
*ret_result_mask = 0;
return 0;
}
r = cg_all_unified();
if (r < 0)
return r;
if (r == 0) {
/* On the legacy hierarchy there's no concept of "enabling" controllers in cgroups defined. Let's claim
* complete success right away. (If you wonder why we return the full mask here, rather than zero: the
* caller tends to use the returned mask later on to compare if all controllers where properly joined,
* and if not requeues realization. This use is the primary purpose of the return value, hence let's
* minimize surprises here and reduce triggers for re-realization by always saying we fully
* succeeded.) */
if (ret_result_mask)
*ret_result_mask = mask & supported & CGROUP_MASK_V2; /* If you wonder why we mask this with
* CGROUP_MASK_V2: The 'supported' mask
* might contain pure-V1 or BPF
* controllers, and we never want to
* claim that we could enable those with
* cgroup.subtree_control */
return 0;
}
r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, p, "cgroup.subtree_control", &fs);
if (r < 0)
return r;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *n;
if (!FLAGS_SET(CGROUP_MASK_V2, bit))
continue;
if (!FLAGS_SET(supported, bit))
continue;
n = cgroup_controller_to_string(c);
{
char s[1 + strlen(n) + 1];
s[0] = FLAGS_SET(mask, bit) ? '+' : '-';
strcpy(s + 1, n);
if (!f) {
f = fopen(fs, "we");
if (!f)
return log_debug_errno(errno, "Failed to open cgroup.subtree_control file of %s: %m", p);
}
r = write_string_stream(f, s, WRITE_STRING_FILE_DISABLE_BUFFER);
if (r < 0) {
log_debug_errno(r, "Failed to %s controller %s for %s (%s): %m",
FLAGS_SET(mask, bit) ? "enable" : "disable", n, p, fs);
clearerr(f);
/* If we can't turn off a controller, leave it on in the reported resulting mask. This
* happens for example when we attempt to turn off a controller up in the tree that is
* used down in the tree. */
if (!FLAGS_SET(mask, bit) && r == -EBUSY) /* You might wonder why we check for EBUSY
* only here, and not follow the same logic
* for other errors such as EINVAL or
* EOPNOTSUPP or anything else. That's
* because EBUSY indicates that the
* controllers is currently enabled and
* cannot be disabled because something down
* the hierarchy is still using it. Any other
* error most likely means something like "I
* never heard of this controller" or
* similar. In the former case it's hence
* safe to assume the controller is still on
* after the failed operation, while in the
* latter case it's safer to assume the
* controller is unknown and hence certainly
* not enabled. */
ret |= bit;
} else {
/* Otherwise, if we managed to turn on a controller, set the bit reflecting that. */
if (FLAGS_SET(mask, bit))
ret |= bit;
}
}
}
/* Let's return the precise set of controllers now enabled for the cgroup. */
if (ret_result_mask)
*ret_result_mask = ret;
return 0;
}
bool cg_is_unified_wanted(void) {
static thread_local int wanted = -1;
int r;
bool b;
const bool is_default = DEFAULT_HIERARCHY == CGROUP_UNIFIED_ALL;
_cleanup_free_ char *c = NULL;
/* If we have a cached value, return that. */
if (wanted >= 0)
return wanted;
/* If the hierarchy is already mounted, then follow whatever
* was chosen for it. */
if (cg_unified_flush() >= 0)
return (wanted = unified_cache >= CGROUP_UNIFIED_ALL);
/* If we were explicitly passed systemd.unified_cgroup_hierarchy,
* respect that. */
r = proc_cmdline_get_bool("systemd.unified_cgroup_hierarchy", &b);
if (r > 0)
return (wanted = b);
/* If we passed cgroup_no_v1=all with no other instructions, it seems
* highly unlikely that we want to use hybrid or legacy hierarchy. */
r = proc_cmdline_get_key("cgroup_no_v1", 0, &c);
if (r > 0 && streq_ptr(c, "all"))
return (wanted = true);
return (wanted = is_default);
}
bool cg_is_legacy_wanted(void) {
static thread_local int wanted = -1;
/* If we have a cached value, return that. */
if (wanted >= 0)
return wanted;
/* Check if we have cgroup v2 already mounted. */
if (cg_unified_flush() >= 0 &&
unified_cache == CGROUP_UNIFIED_ALL)
return (wanted = false);
/* Otherwise, assume that at least partial legacy is wanted,
* since cgroup v2 should already be mounted at this point. */
return (wanted = true);
}
bool cg_is_hybrid_wanted(void) {
static thread_local int wanted = -1;
int r;
bool b;
const bool is_default = DEFAULT_HIERARCHY >= CGROUP_UNIFIED_SYSTEMD;
/* We default to true if the default is "hybrid", obviously,
* but also when the default is "unified", because if we get
* called, it means that unified hierarchy was not mounted. */
/* If we have a cached value, return that. */
if (wanted >= 0)
return wanted;
/* If the hierarchy is already mounted, then follow whatever
* was chosen for it. */
if (cg_unified_flush() >= 0 &&
unified_cache == CGROUP_UNIFIED_ALL)
return (wanted = false);
/* Otherwise, let's see what the kernel command line has to say.
* Since checking is expensive, cache a non-error result. */
r = proc_cmdline_get_bool("systemd.legacy_systemd_cgroup_controller", &b);
/* The meaning of the kernel option is reversed wrt. to the return value
* of this function, hence the negation. */
return (wanted = r > 0 ? !b : is_default);
}
int cg_weight_parse(const char *s, uint64_t *ret) {
uint64_t u;
int r;
if (isempty(s)) {
*ret = CGROUP_WEIGHT_INVALID;
return 0;
}
r = safe_atou64(s, &u);
if (r < 0)
return r;
if (u < CGROUP_WEIGHT_MIN || u > CGROUP_WEIGHT_MAX)
return -ERANGE;
*ret = u;
return 0;
return r == CGROUP_UNIFIED_SYSTEMD && !unified_systemd_v232;
}
const uint64_t cgroup_io_limit_defaults[_CGROUP_IO_LIMIT_TYPE_MAX] = {
@ -2847,46 +2036,6 @@ static const char* const cgroup_io_limit_type_table[_CGROUP_IO_LIMIT_TYPE_MAX] =
DEFINE_STRING_TABLE_LOOKUP(cgroup_io_limit_type, CGroupIOLimitType);
int cg_cpu_shares_parse(const char *s, uint64_t *ret) {
uint64_t u;
int r;
if (isempty(s)) {
*ret = CGROUP_CPU_SHARES_INVALID;
return 0;
}
r = safe_atou64(s, &u);
if (r < 0)
return r;
if (u < CGROUP_CPU_SHARES_MIN || u > CGROUP_CPU_SHARES_MAX)
return -ERANGE;
*ret = u;
return 0;
}
int cg_blkio_weight_parse(const char *s, uint64_t *ret) {
uint64_t u;
int r;
if (isempty(s)) {
*ret = CGROUP_BLKIO_WEIGHT_INVALID;
return 0;
}
r = safe_atou64(s, &u);
if (r < 0)
return r;
if (u < CGROUP_BLKIO_WEIGHT_MIN || u > CGROUP_BLKIO_WEIGHT_MAX)
return -ERANGE;
*ret = u;
return 0;
}
bool is_cgroup_fs(const struct statfs *s) {
return is_fs_type(s, CGROUP_SUPER_MAGIC) ||
is_fs_type(s, CGROUP2_SUPER_MAGIC);

31
src/basic/cgroup-util.h
View File

@ -174,10 +174,6 @@ typedef int (*cg_kill_log_func_t)(pid_t pid, int sig, void *userdata);
int cg_kill(const char *controller, const char *path, int sig, CGroupFlags flags, Set *s, cg_kill_log_func_t kill_log, void *userdata);
int cg_kill_recursive(const char *controller, const char *path, int sig, CGroupFlags flags, Set *s, cg_kill_log_func_t kill_log, void *userdata);
int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
int cg_migrate_recursive_fallback(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
int cg_split_spec(const char *spec, char **controller, char **path);
int cg_mangle_path(const char *path, char **result);
@ -186,15 +182,8 @@ int cg_get_path_and_check(const char *controller, const char *path, const char *
int cg_pid_get_path(const char *controller, pid_t pid, char **path);
int cg_trim(const char *controller, const char *path, bool delete_root);
int cg_rmdir(const char *controller, const char *path);
int cg_create(const char *controller, const char *path);
int cg_attach(const char *controller, const char *path, pid_t pid);
int cg_attach_fallback(const char *controller, const char *path, pid_t pid);
int cg_create_and_attach(const char *controller, const char *path, pid_t pid);
int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value);
int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret);
int cg_get_keyed_attribute(const char *controller, const char *path, const char *attribute, char **keys, char **values);
@ -242,13 +231,6 @@ int cg_slice_to_path(const char *unit, char **ret);
typedef const char* (*cg_migrate_callback_t)(CGroupMask mask, void *userdata);
int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path);
int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t callback, void *userdata);
int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t callback, void *userdata);
int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t callback, void *userdata);
int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root);
int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p, CGroupMask *ret_result_mask);
int cg_mask_supported(CGroupMask *ret);
int cg_mask_from_string(const char *s, CGroupMask *ret);
int cg_mask_to_string(CGroupMask mask, char **ret);
@ -260,18 +242,13 @@ bool cg_ns_supported(void);
int cg_all_unified(void);
int cg_hybrid_unified(void);
int cg_unified_controller(const char *controller);
int cg_unified_flush(void);
bool cg_is_unified_wanted(void);
bool cg_is_legacy_wanted(void);
bool cg_is_hybrid_wanted(void);
int cg_unified_cached(bool flush);
static inline int cg_unified(void) {
return cg_unified_cached(true);
}
const char* cgroup_controller_to_string(CGroupController c) _const_;
CGroupController cgroup_controller_from_string(const char *s) _pure_;
int cg_weight_parse(const char *s, uint64_t *ret);
int cg_cpu_shares_parse(const char *s, uint64_t *ret);
int cg_blkio_weight_parse(const char *s, uint64_t *ret);
bool is_cgroup_fs(const struct statfs *s);
bool fd_is_cgroup_fs(int fd);

250
src/basic/efivars.c Normal file
View File

@ -0,0 +1,250 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <linux/fs.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#include "sd-id128.h"
#include "alloc-util.h"
#include "chattr-util.h"
#include "efivars.h"
#include "fd-util.h"
#include "io-util.h"
#include "macro.h"
#include "stdio-util.h"
#include "strv.h"
#include "time-util.h"
#include "utf8.h"
#if ENABLE_EFI
char* efi_variable_path(sd_id128_t vendor, const char *name) {
char *p;
if (asprintf(&p,
"/sys/firmware/efi/efivars/%s-" SD_ID128_UUID_FORMAT_STR,
name, SD_ID128_FORMAT_VAL(vendor)) < 0)
return NULL;
return p;
}
int efi_get_variable(
sd_id128_t vendor,
const char *name,
uint32_t *ret_attribute,
void **ret_value,
size_t *ret_size) {
_cleanup_close_ int fd = -1;
_cleanup_free_ char *p = NULL;
_cleanup_free_ void *buf = NULL;
struct stat st;
uint32_t a;
ssize_t n;
assert(name);
p = efi_variable_path(vendor, name);
if (!p)
return -ENOMEM;
if (!ret_value && !ret_size && !ret_attribute) {
/* If caller is not interested in anything, just check if the variable exists and is readable
* to us. */
if (access(p, R_OK) < 0)
return -errno;
return 0;
}
fd = open(p, O_RDONLY|O_NOCTTY|O_CLOEXEC);
if (fd < 0)
return -errno;
if (fstat(fd, &st) < 0)
return -errno;
if (st.st_size < 4)
return -ENODATA;
if (st.st_size > 4*1024*1024 + 4)
return -E2BIG;
if (ret_value || ret_attribute) {
n = read(fd, &a, sizeof(a));
if (n < 0)
return -errno;
if (n != sizeof(a))
return -EIO;
}
if (ret_value) {
buf = malloc(st.st_size - 4 + 2);
if (!buf)
return -ENOMEM;
n = read(fd, buf, (size_t) st.st_size - 4);
if (n < 0)
return -errno;
if (n != st.st_size - 4)
return -EIO;
/* Always NUL terminate (2 bytes, to protect UTF-16) */
((char*) buf)[st.st_size - 4] = 0;
((char*) buf)[st.st_size - 4 + 1] = 0;
}
/* Note that efivarfs interestingly doesn't require ftruncate() to update an existing EFI variable
* with a smaller value. */
if (ret_attribute)
*ret_attribute = a;
if (ret_value)
*ret_value = TAKE_PTR(buf);
if (ret_size)
*ret_size = (size_t) st.st_size - 4;
return 0;
}
int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p) {
_cleanup_free_ void *s = NULL;
size_t ss = 0;
int r;
char *x;
r = efi_get_variable(vendor, name, NULL, &s, &ss);
if (r < 0)
return r;
x = utf16_to_utf8(s, ss);
if (!x)
return -ENOMEM;
*p = x;
return 0;
}
int efi_set_variable(
sd_id128_t vendor,
const char *name,
const void *value,
size_t size) {
struct var {
uint32_t attr;
char buf[];
} _packed_ * _cleanup_free_ buf = NULL;
_cleanup_free_ char *p = NULL;
_cleanup_close_ int fd = -1;
bool saved_flags_valid = false;
unsigned saved_flags;
int r;
assert(name);
assert(value || size == 0);
p = efi_variable_path(vendor, name);
if (!p)
return -ENOMEM;
/* Newer efivarfs protects variables that are not in a whitelist with FS_IMMUTABLE_FL by default, to protect
* them for accidental removal and modification. We are not changing these variables accidentally however,
* hence let's unset the bit first. */
r = chattr_path(p, 0, FS_IMMUTABLE_FL, &saved_flags);
if (r < 0 && r != -ENOENT)
log_debug_errno(r, "Failed to drop FS_IMMUTABLE_FL flag from '%s', ignoring: %m", p);
saved_flags_valid = r >= 0;
if (size == 0) {
if (unlink(p) < 0) {
r = -errno;
goto finish;
}
return 0;
}
fd = open(p, O_WRONLY|O_CREAT|O_NOCTTY|O_CLOEXEC, 0644);
if (fd < 0) {
r = -errno;
goto finish;
}
buf = malloc(sizeof(uint32_t) + size);
if (!buf) {
r = -ENOMEM;
goto finish;
}
buf->attr = EFI_VARIABLE_NON_VOLATILE|EFI_VARIABLE_BOOTSERVICE_ACCESS|EFI_VARIABLE_RUNTIME_ACCESS;
memcpy(buf->buf, value, size);
r = loop_write(fd, buf, sizeof(uint32_t) + size, false);
if (r < 0)
goto finish;
r = 0;
finish:
if (saved_flags_valid) {
int q;
/* Restore the original flags field, just in case */
if (fd < 0)
q = chattr_path(p, saved_flags, FS_IMMUTABLE_FL, NULL);
else
q = chattr_fd(fd, saved_flags, FS_IMMUTABLE_FL, NULL);
if (q < 0)
log_debug_errno(q, "Failed to restore FS_IMMUTABLE_FL on '%s', ignoring: %m", p);
}
return r;
}
int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *v) {
_cleanup_free_ char16_t *u16 = NULL;
u16 = utf8_to_utf16(v, strlen(v));
if (!u16)
return -ENOMEM;
return efi_set_variable(vendor, name, u16, (char16_strlen(u16) + 1) * sizeof(char16_t));
}
int efi_systemd_options_variable(char **line) {
const char *e;
int r;
assert(line);
/* For testing purposes it is sometimes useful to be able to override this */
e = secure_getenv("SYSTEMD_EFI_OPTIONS");
if (e) {
char *m;
m = strdup(e);
if (!m)
return -ENOMEM;
*line = m;
return 0;
}
r = efi_get_variable_string(EFI_VENDOR_SYSTEMD, "SystemdOptions", line);
if (r == -ENOENT)
return -ENODATA;
return r;
}
#endif

59
src/basic/efivars.h Normal file
View File

@ -0,0 +1,59 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
#if !ENABLE_EFI
# include <errno.h>
#endif
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include "sd-id128.h"
#include "efi/loader-features.h"
#include "time-util.h"
#define EFI_VENDOR_LOADER SD_ID128_MAKE(4a,67,b0,82,0a,4c,41,cf,b6,c7,44,0b,29,bb,8c,4f)
#define EFI_VENDOR_GLOBAL SD_ID128_MAKE(8b,e4,df,61,93,ca,11,d2,aa,0d,00,e0,98,03,2b,8c)
#define EFI_VENDOR_SYSTEMD SD_ID128_MAKE(8c,f2,64,4b,4b,0b,42,8f,93,87,6d,87,60,50,dc,67)
#define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001
#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002
#define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004
#if ENABLE_EFI
char* efi_variable_path(sd_id128_t vendor, const char *name);
int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, void **value, size_t *size);
int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p);
int efi_set_variable(sd_id128_t vendor, const char *name, const void *value, size_t size);
int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *p);
int efi_systemd_options_variable(char **line);
#else
static inline char* efi_variable_path(sd_id128_t vendor, const char *name) {
return NULL;
}
static inline int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, void **value, size_t *size) {
return -EOPNOTSUPP;
}
static inline int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p) {
return -EOPNOTSUPP;
}
static inline int efi_set_variable(sd_id128_t vendor, const char *name, const void *value, size_t size) {
return -EOPNOTSUPP;
}
static inline int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *p) {
return -EOPNOTSUPP;
}
static inline int efi_systemd_options_variable(char **line) {
return -ENODATA;
}
#endif

2
src/basic/meson.build
View File

@ -39,6 +39,8 @@ basic_sources = files('''
device-nodes.h
dirent-util.c
dirent-util.h
efivars.c
efivars.h
env-file.c
env-file.h
env-util.c

137
src/basic/proc-cmdline.c
View File

@ -5,6 +5,7 @@
#include <string.h>
#include "alloc-util.h"
#include "efivars.h"
#include "extract-word.h"
#include "fileio.h"
#include "macro.h"
@ -117,6 +118,17 @@ int proc_cmdline_parse(proc_cmdline_parse_t parse_item, void *data, ProcCmdlineF
assert(parse_item);
/* We parse the EFI variable first, because later settings have higher priority. */
r = efi_systemd_options_variable(&line);
if (r < 0 && r != -ENODATA)
log_debug_errno(r, "Failed to get SystemdOptions EFI variable, ignoring: %m");
r = proc_cmdline_parse_given(line, parse_item, data, flags);
if (r < 0)
return r;
line = mfree(line);
r = proc_cmdline(&line);
if (r < 0)
return r;
@ -156,34 +168,14 @@ bool proc_cmdline_key_streq(const char *x, const char *y) {
return true;
}
int proc_cmdline_get_key(const char *key, ProcCmdlineFlags flags, char **ret_value) {
_cleanup_free_ char *line = NULL, *ret = NULL;
static int cmdline_get_key(const char *line, const char *key, ProcCmdlineFlags flags, char **ret_value) {
_cleanup_free_ char *ret = NULL;
bool found = false;
const char *p;
int r;
/* Looks for a specific key on the kernel command line. Supports three modes:
*
* a) The "ret_value" parameter is used. In this case a parameter beginning with the "key" string followed by
* "=" is searched for, and the value following it is returned in "ret_value".
*
* b) as above, but the PROC_CMDLINE_VALUE_OPTIONAL flag is set. In this case if the key is found as a separate
* word (i.e. not followed by "=" but instead by whitespace or the end of the command line), then this is
* also accepted, and "value" is returned as NULL.
*
* c) The "ret_value" parameter is NULL. In this case a search for the exact "key" parameter is performed.
*
* In all three cases, > 0 is returned if the key is found, 0 if not. */
if (isempty(key))
return -EINVAL;
if (FLAGS_SET(flags, PROC_CMDLINE_VALUE_OPTIONAL) && !ret_value)
return -EINVAL;
r = proc_cmdline(&line);
if (r < 0)
return r;
assert(line);
assert(key);
p = line;
for (;;) {
@ -226,6 +218,48 @@ int proc_cmdline_get_key(const char *key, ProcCmdlineFlags flags, char **ret_val
return found;
}
int proc_cmdline_get_key(const char *key, ProcCmdlineFlags flags, char **ret_value) {
_cleanup_free_ char *line = NULL;
int r;
/* Looks for a specific key on the kernel command line and (with lower priority) the EFI variable.
* Supports three modes:
*
* a) The "ret_value" parameter is used. In this case a parameter beginning with the "key" string followed by
* "=" is searched for, and the value following it is returned in "ret_value".
*
* b) as above, but the PROC_CMDLINE_VALUE_OPTIONAL flag is set. In this case if the key is found as a separate
* word (i.e. not followed by "=" but instead by whitespace or the end of the command line), then this is
* also accepted, and "value" is returned as NULL.
*
* c) The "ret_value" parameter is NULL. In this case a search for the exact "key" parameter is performed.
*
* In all three cases, > 0 is returned if the key is found, 0 if not. */
if (isempty(key))
return -EINVAL;
if (FLAGS_SET(flags, PROC_CMDLINE_VALUE_OPTIONAL) && !ret_value)
return -EINVAL;
r = proc_cmdline(&line);
if (r < 0)
return r;
r = cmdline_get_key(line, key, flags, ret_value);
if (r != 0) /* Either error or true if found. */
return r;
line = mfree(line);
r = efi_systemd_options_variable(&line);
if (r == -ENODATA)
return false; /* Not found */
if (r < 0)
return r;
return cmdline_get_key(line, key, flags, ret_value);
}
int proc_cmdline_get_bool(const char *key, bool *ret) {
_cleanup_free_ char *v = NULL;
int r;
@ -306,58 +340,3 @@ int proc_cmdline_get_key_many_internal(ProcCmdlineFlags flags, ...) {
return ret;
}
int shall_restore_state(void) {
bool ret;
int r;
r = proc_cmdline_get_bool("systemd.restore_state", &ret);
if (r < 0)
return r;
return r > 0 ? ret : true;
}
static const char * const rlmap[] = {
"emergency", SPECIAL_EMERGENCY_TARGET,
"-b", SPECIAL_EMERGENCY_TARGET,
"rescue", SPECIAL_RESCUE_TARGET,
"single", SPECIAL_RESCUE_TARGET,
"-s", SPECIAL_RESCUE_TARGET,
"s", SPECIAL_RESCUE_TARGET,
"S", SPECIAL_RESCUE_TARGET,
"1", SPECIAL_RESCUE_TARGET,
"2", SPECIAL_MULTI_USER_TARGET,
"3", SPECIAL_MULTI_USER_TARGET,
"4", SPECIAL_MULTI_USER_TARGET,
"5", SPECIAL_GRAPHICAL_TARGET,
NULL
};
static const char * const rlmap_initrd[] = {
"emergency", SPECIAL_EMERGENCY_TARGET,
"rescue", SPECIAL_RESCUE_TARGET,
NULL
};
const char* runlevel_to_target(const char *word) {
const char * const *rlmap_ptr;
size_t i;
if (!word)
return NULL;
if (in_initrd()) {
word = startswith(word, "rd.");
if (!word)
return NULL;
}
rlmap_ptr = in_initrd() ? rlmap_initrd : rlmap;
for (i = 0; rlmap_ptr[i]; i += 2)
if (streq(word, rlmap_ptr[i]))
return rlmap_ptr[i+1];
return NULL;
}

3
src/basic/proc-cmdline.h
View File

@ -27,9 +27,6 @@ int proc_cmdline_get_key_many_internal(ProcCmdlineFlags flags, ...);
char *proc_cmdline_key_startswith(const char *s, const char *prefix);
bool proc_cmdline_key_streq(const char *x, const char *y);
int shall_restore_state(void);
const char* runlevel_to_target(const char *rl);
/* A little helper call, to be used in proc_cmdline_parse_t callbacks */
static inline bool proc_cmdline_value_missing(const char *key, const char *value) {
if (!value) {

16
src/basic/string-util.h
View File

@ -45,6 +45,22 @@ static inline const char *strna(const char *s) {
return s ?: "n/a";
}
static inline const char* yes_no(bool b) {
return b ? "yes" : "no";
}
static inline const char* true_false(bool b) {
return b ? "true" : "false";
}
static inline const char* one_zero(bool b) {
return b ? "1" : "0";
}
static inline const char* enable_disable(bool b) {
return b ? "enable" : "disable";
}
static inline bool isempty(const char *p) {
return !p || !p[0];
}

16
src/basic/util.h
View File

@ -5,22 +5,6 @@
#include "macro.h"
static inline const char* yes_no(bool b) {
return b ? "yes" : "no";
}
static inline const char* true_false(bool b) {
return b ? "true" : "false";
}
static inline const char* one_zero(bool b) {
return b ? "1" : "0";
}
static inline const char* enable_disable(bool b) {
return b ? "enable" : "disable";
}
extern int saved_argc;
extern char **saved_argv;

2
src/boot/bless-boot-generator.c
View File

@ -4,7 +4,7 @@
#include <sys/stat.h>
#include <unistd.h>
#include "efivars.h"
#include "efi-loader.h"
#include "generator.h"
#include "log.h"
#include "mkdir.h"

1
src/boot/bless-boot.c
View File

@ -5,6 +5,7 @@
#include "alloc-util.h"
#include "bootspec.h"
#include "efi-loader.h"
#include "efivars.h"
#include "fd-util.h"
#include "fs-util.h"

46
src/boot/bootctl.c
View File

@ -24,6 +24,7 @@
#include "bootspec.h"
#include "copy.h"
#include "dirent-util.h"
#include "efi-loader.h"
#include "efivars.h"
#include "env-util.h"
#include "escape.h"
@ -1051,8 +1052,9 @@ static int help(int argc, char *argv[], void *userdata) {
" install Install systemd-boot to the ESP and EFI variables\n"
" update Update systemd-boot in the ESP and EFI variables\n"
" remove Remove systemd-boot from the ESP and EFI variables\n"
" random-seed Initialize random seed in ESP and EFI variables\n"
" is-installed Test whether systemd-boot is installed in the ESP\n"
" random-seed Initialize random seed in ESP and EFI variables\n"
" system-options Query or set system options string in EFI variable\n"
"\nBoot Loader Entries Commands:\n"
" list List boot loader entries\n"
" set-default ID Set default boot loader entry\n"
@ -1709,18 +1711,40 @@ static int verb_random_seed(int argc, char *argv[], void *userdata) {
return 0;
}
static int verb_system_options(int argc, char *argv[], void *userdata) {
int r;
if (argc == 1) {
_cleanup_free_ char *line = NULL;
r = efi_systemd_options_variable(&line);
if (r < 0)
return log_error_errno(r, "Failed to query SystemdOptions EFI variable: %m");
printf("SystemdOptions: %s\n", line);
} else {
r = efi_set_variable_string(EFI_VENDOR_SYSTEMD, "SystemdOptions", argv[1]);
if (r < 0)
return log_error_errno(r, "Failed to set SystemdOptions EFI variable: %m");
}
return 0;
}
static int bootctl_main(int argc, char *argv[]) {
static const Verb verbs[] = {
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "install", VERB_ANY, 1, 0, verb_install },
{ "update", VERB_ANY, 1, 0, verb_install },
{ "remove", VERB_ANY, 1, 0, verb_remove },
{ "random-seed", VERB_ANY, 1, 0, verb_random_seed },
{ "is-installed", VERB_ANY, 1, 0, verb_is_installed },
{ "list", VERB_ANY, 1, 0, verb_list },
{ "set-default", 2, 2, 0, verb_set_default },
{ "set-oneshot", 2, 2, 0, verb_set_default },
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "install", VERB_ANY, 1, 0, verb_install },
{ "update", VERB_ANY, 1, 0, verb_install },
{ "remove", VERB_ANY, 1, 0, verb_remove },
{ "is-installed", VERB_ANY, 1, 0, verb_is_installed },
{ "list", VERB_ANY, 1, 0, verb_list },
{ "set-default", 2, 2, 0, verb_set_default },
{ "set-oneshot", 2, 2, 0, verb_set_default },
{ "random-seed", VERB_ANY, 1, 0, verb_random_seed },
{ "system-options", VERB_ANY, 2, 0, verb_system_options },
{}
};

3
src/core/cgroup.c
View File

@ -11,6 +11,7 @@
#include "bpf-firewall.h"
#include "btrfs-util.h"
#include "bus-error.h"
#include "cgroup-setup.h"
#include "cgroup-util.h"
#include "cgroup.h"
#include "fd-util.h"
@ -2869,7 +2870,7 @@ int manager_setup_cgroup(Manager *m) {
if (r < 0)
return log_error_errno(r, "Cannot find cgroup mount point: %m");
r = cg_unified_flush();
r = cg_unified();
if (r < 0)
return log_error_errno(r, "Couldn't determine if we are running in the unified hierarchy: %m");

1
src/core/execute.c
View File

@ -48,6 +48,7 @@
#include "cap-list.h"
#include "capability-util.h"
#include "chown-recursive.h"
#include "cgroup-setup.h"
#include "cpu-set-util.h"
#include "def.h"
#include "env-file.h"

2
src/core/load-fragment.c
View File

@ -24,7 +24,7 @@
#include "bus-util.h"
#include "cap-list.h"
#include "capability-util.h"
#include "cgroup.h"
#include "cgroup-setup.h"
#include "conf-parser.h"
#include "cpu-set-util.h"
#include "env-util.h"

4
src/core/mount-setup.c
View File

@ -11,8 +11,10 @@
#include "bus-util.h"
#include "cgroup-util.h"
#include "conf-files.h"
#include "cgroup-setup.h"
#include "dev-setup.h"
#include "efivars.h"
#include "dirent-util.h"
#include "efi-loader.h"
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"

1
src/core/unit.c
View File

@ -15,6 +15,7 @@
#include "bpf-firewall.h"
#include "bus-common-errors.h"
#include "bus-util.h"
#include "cgroup-setup.h"
#include "cgroup-util.h"
#include "dbus-unit.h"
#include "dbus.h"

1
src/debug-generator/debug-generator.c
View File

@ -12,6 +12,7 @@
#include "special.h"
#include "string-util.h"
#include "strv.h"
#include "unit-file.h"
#include "unit-name.h"
static const char *arg_dest = NULL;

2
src/gpt-auto-generator/gpt-auto-generator.c
View File

@ -15,7 +15,7 @@
#include "device-util.h"
#include "dirent-util.h"
#include "dissect-image.h"
#include "efivars.h"
#include "efi-loader.h"
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"

2
src/libsystemd/sd-bus/test-bus-creds.c
View File

@ -13,7 +13,7 @@ int main(int argc, char *argv[]) {
test_setup_logging(LOG_DEBUG);
if (cg_unified_flush() == -ENOMEDIUM)
if (cg_unified() == -ENOMEDIUM)
return log_tests_skipped("/sys/fs/cgroup/ not available");
r = sd_bus_creds_new_from_pid(&creds, 0, _SD_BUS_CREDS_ALL);

1
src/login/logind-dbus.c
View File

@ -20,6 +20,7 @@
#include "device-util.h"
#include "dirent-util.h"
#include "efivars.h"
#include "efi-loader.h"
#include "env-util.h"
#include "escape.h"
#include "fd-util.h"

2
src/login/pam_systemd.c
View File

@ -20,7 +20,7 @@
#include "bus-error.h"
#include "bus-internal.h"
#include "bus-util.h"
#include "cgroup-util.h"
#include "cgroup-setup.h"
#include "errno-util.h"
#include "fd-util.h"
#include "fileio.h"

1
src/nspawn/nspawn-cgroup.c
View File

@ -3,6 +3,7 @@
#include <sys/mount.h>
#include "alloc-util.h"
#include "cgroup-setup.h"
#include "fd-util.h"
#include "fileio.h"
#include "format-util.h"

2
src/nspawn/nspawn.c
View File

@ -4761,7 +4761,7 @@ static int run(int argc, char *argv[]) {
if (r < 0)
goto finish;
r = cg_unified_flush();
r = cg_unified();
if (r < 0) {
log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m");
goto finish;

2
src/nspawn/test-patch-uid.c
View File

@ -5,8 +5,8 @@
#include "log.h"
#include "nspawn-patch-uid.h"
#include "user-util.h"
#include "string-util.h"
#include "tests.h"
#include "util.h"
int main(int argc, char *argv[]) {
uid_t shift, range;

4
src/rfkill/rfkill.c
View File

@ -16,15 +16,15 @@
#include "fd-util.h"
#include "fileio.h"
#include "io-util.h"
#include "list.h"
#include "main-func.h"
#include "mkdir.h"
#include "parse-util.h"
#include "proc-cmdline.h"
#include "reboot-util.h"
#include "string-table.h"
#include "string-util.h"
#include "udev-util.h"
#include "util.h"
#include "list.h"
/* Note that any write is delayed until exit and the rfkill state will not be
* stored for rfkill indices that disappear after a change. */

2
src/shared/boot-timestamps.c
View File

@ -2,7 +2,7 @@
#include "acpi-fpdt.h"
#include "boot-timestamps.h"
#include "efivars.h"
#include "efi-loader.h"
#include "macro.h"
#include "time-util.h"

1
src/shared/bootspec.c
View File

@ -15,6 +15,7 @@
#include "device-nodes.h"
#include "dirent-util.h"
#include "efivars.h"
#include "efi-loader.h"
#include "env-file.h"
#include "env-util.h"
#include "fd-util.h"

1
src/shared/bus-unit-util.c
View File

@ -5,6 +5,7 @@
#include "bus-unit-util.h"
#include "bus-util.h"
#include "cap-list.h"
#include "cgroup-setup.h"
#include "cgroup-util.h"
#include "condition.h"
#include "cpu-set-util.h"

860
src/shared/cgroup-setup.c Normal file
View File

@ -0,0 +1,860 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <ftw.h>
#include <unistd.h>
#include "cgroup-setup.h"
#include "cgroup-util.h"
#include "errno-util.h"
#include "parse-util.h"
#include "path-util.h"
#include "proc-cmdline.h"
#include "stdio-util.h"
#include "string-util.h"
#include "fs-util.h"
#include "mkdir.h"
#include "process-util.h"
#include "fileio.h"
#include "user-util.h"
#include "fd-util.h"
bool cg_is_unified_wanted(void) {
static thread_local int wanted = -1;
bool b;
const bool is_default = DEFAULT_HIERARCHY == CGROUP_UNIFIED_ALL;
_cleanup_free_ char *c = NULL;
int r;
/* If we have a cached value, return that. */
if (wanted >= 0)
return wanted;
/* If the hierarchy is already mounted, then follow whatever was chosen for it. */
r = cg_unified_cached(true);
if (r >= 0)
return (wanted = r >= CGROUP_UNIFIED_ALL);
/* If we were explicitly passed systemd.unified_cgroup_hierarchy, respect that. */
r = proc_cmdline_get_bool("systemd.unified_cgroup_hierarchy", &b);
if (r > 0)
return (wanted = b);
/* If we passed cgroup_no_v1=all with no other instructions, it seems highly unlikely that we want to
* use hybrid or legacy hierarchy. */
r = proc_cmdline_get_key("cgroup_no_v1", 0, &c);
if (r > 0 && streq_ptr(c, "all"))
return (wanted = true);
return (wanted = is_default);
}
bool cg_is_legacy_wanted(void) {
static thread_local int wanted = -1;
/* If we have a cached value, return that. */
if (wanted >= 0)
return wanted;
/* Check if we have cgroup v2 already mounted. */
if (cg_unified_cached(true) == CGROUP_UNIFIED_ALL)
return (wanted = false);
/* Otherwise, assume that at least partial legacy is wanted,
* since cgroup v2 should already be mounted at this point. */
return (wanted = true);
}
bool cg_is_hybrid_wanted(void) {
static thread_local int wanted = -1;
int r;
bool b;
const bool is_default = DEFAULT_HIERARCHY >= CGROUP_UNIFIED_SYSTEMD;
/* We default to true if the default is "hybrid", obviously, but also when the default is "unified",
* because if we get called, it means that unified hierarchy was not mounted. */
/* If we have a cached value, return that. */
if (wanted >= 0)
return wanted;
/* If the hierarchy is already mounted, then follow whatever was chosen for it. */
if (cg_unified_cached(true) == CGROUP_UNIFIED_ALL)
return (wanted = false);
/* Otherwise, let's see what the kernel command line has to say. Since checking is expensive, cache
* a non-error result. */
r = proc_cmdline_get_bool("systemd.legacy_systemd_cgroup_controller", &b);
/* The meaning of the kernel option is reversed wrt. to the return value of this function, hence the
* negation. */
return (wanted = r > 0 ? !b : is_default);
}
int cg_weight_parse(const char *s, uint64_t *ret) {
uint64_t u;
int r;
if (isempty(s)) {
*ret = CGROUP_WEIGHT_INVALID;
return 0;
}
r = safe_atou64(s, &u);
if (r < 0)
return r;
if (u < CGROUP_WEIGHT_MIN || u > CGROUP_WEIGHT_MAX)
return -ERANGE;
*ret = u;
return 0;
}
int cg_cpu_shares_parse(const char *s, uint64_t *ret) {
uint64_t u;
int r;
if (isempty(s)) {
*ret = CGROUP_CPU_SHARES_INVALID;
return 0;
}
r = safe_atou64(s, &u);
if (r < 0)
return r;
if (u < CGROUP_CPU_SHARES_MIN || u > CGROUP_CPU_SHARES_MAX)
return -ERANGE;
*ret = u;
return 0;
}
int cg_blkio_weight_parse(const char *s, uint64_t *ret) {
uint64_t u;
int r;
if (isempty(s)) {
*ret = CGROUP_BLKIO_WEIGHT_INVALID;
return 0;
}
r = safe_atou64(s, &u);
if (r < 0)
return r;
if (u < CGROUP_BLKIO_WEIGHT_MIN || u > CGROUP_BLKIO_WEIGHT_MAX)
return -ERANGE;
*ret = u;
return 0;
}
static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct FTW *ftwbuf) {
assert(path);
assert(sb);
assert(ftwbuf);
if (typeflag != FTW_DP)
return 0;
if (ftwbuf->level < 1)
return 0;
(void) rmdir(path);
return 0;
}
int cg_trim(const char *controller, const char *path, bool delete_root) {
_cleanup_free_ char *fs = NULL;
int r = 0, q;
assert(path);
r = cg_get_path(controller, path, NULL, &fs);
if (r < 0)
return r;
errno = 0;
if (nftw(fs, trim_cb, 64, FTW_DEPTH|FTW_MOUNT|FTW_PHYS) != 0) {
if (errno == ENOENT)
r = 0;
else
r = errno_or_else(EIO);
}
if (delete_root) {
if (rmdir(fs) < 0 && errno != ENOENT)
return -errno;
}
q = cg_hybrid_unified();
if (q < 0)
return q;
if (q > 0 && streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
q = cg_trim(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, delete_root);
if (q < 0)
log_warning_errno(q, "Failed to trim compat systemd cgroup %s: %m", path);
}
return r;
}
/* Create a cgroup in the hierarchy of controller.
* Returns 0 if the group already existed, 1 on success, negative otherwise.
*/
int cg_create(const char *controller, const char *path) {
_cleanup_free_ char *fs = NULL;
int r;
r = cg_get_path_and_check(controller, path, NULL, &fs);
if (r < 0)
return r;
r = mkdir_parents(fs, 0755);
if (r < 0)
return r;
r = mkdir_errno_wrapper(fs, 0755);
if (r == -EEXIST)
return 0;
if (r < 0)
return r;
r = cg_hybrid_unified();
if (r < 0)
return r;
if (r > 0 && streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
r = cg_create(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path);
if (r < 0)
log_warning_errno(r, "Failed to create compat systemd cgroup %s: %m", path);
}
return 1;
}
int cg_create_and_attach(const char *controller, const char *path, pid_t pid) {
int r, q;
assert(pid >= 0);
r = cg_create(controller, path);
if (r < 0)
return r;
q = cg_attach(controller, path, pid);
if (q < 0)
return q;
/* This does not remove the cgroup on failure */
return r;
}
int cg_attach(const char *controller, const char *path, pid_t pid) {
_cleanup_free_ char *fs = NULL;
char c[DECIMAL_STR_MAX(pid_t) + 2];
int r;
assert(path);
assert(pid >= 0);
r = cg_get_path_and_check(controller, path, "cgroup.procs", &fs);
if (r < 0)
return r;
if (pid == 0)
pid = getpid_cached();
xsprintf(c, PID_FMT "\n", pid);
r = write_string_file(fs, c, WRITE_STRING_FILE_DISABLE_BUFFER);
if (r < 0)
return r;
r = cg_hybrid_unified();
if (r < 0)
return r;
if (r > 0 && streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
r = cg_attach(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, pid);
if (r < 0)
log_warning_errno(r, "Failed to attach "PID_FMT" to compat systemd cgroup %s: %m", pid, path);
}
return 0;
}
int cg_attach_fallback(const char *controller, const char *path, pid_t pid) {
int r;
assert(controller);
assert(path);
assert(pid >= 0);
r = cg_attach(controller, path, pid);
if (r < 0) {
char prefix[strlen(path) + 1];
/* This didn't work? Then let's try all prefixes of
* the destination */
PATH_FOREACH_PREFIX(prefix, path) {
int q;
q = cg_attach(controller, prefix, pid);
if (q >= 0)
return q;
}
}
return r;
}
int cg_set_access(
const char *controller,
const char *path,
uid_t uid,
gid_t gid) {
struct Attribute {
const char *name;
bool fatal;
};
/* cgroup v1, aka legacy/non-unified */
static const struct Attribute legacy_attributes[] = {
{ "cgroup.procs", true },
{ "tasks", false },
{ "cgroup.clone_children", false },
{},
};
/* cgroup v2, aka unified */
static const struct Attribute unified_attributes[] = {
{ "cgroup.procs", true },
{ "cgroup.subtree_control", true },
{ "cgroup.threads", false },
{},
};
static const struct Attribute* const attributes[] = {
[false] = legacy_attributes,
[true] = unified_attributes,
};
_cleanup_free_ char *fs = NULL;
const struct Attribute *i;
int r, unified;
assert(path);
if (uid == UID_INVALID && gid == GID_INVALID)
return 0;
unified = cg_unified_controller(controller);
if (unified < 0)
return unified;
/* Configure access to the cgroup itself */
r = cg_get_path(controller, path, NULL, &fs);
if (r < 0)
return r;
r = chmod_and_chown(fs, 0755, uid, gid);
if (r < 0)
return r;
/* Configure access to the cgroup's attributes */
for (i = attributes[unified]; i->name; i++) {
fs = mfree(fs);
r = cg_get_path(controller, path, i->name, &fs);
if (r < 0)
return r;
r = chmod_and_chown(fs, 0644, uid, gid);
if (r < 0) {
if (i->fatal)
return r;
log_debug_errno(r, "Failed to set access on cgroup %s, ignoring: %m", fs);
}
}
if (streq(controller, SYSTEMD_CGROUP_CONTROLLER)) {
r = cg_hybrid_unified();
if (r < 0)
return r;
if (r > 0) {
/* Always propagate access mode from unified to legacy controller */
r = cg_set_access(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, uid, gid);
if (r < 0)
log_debug_errno(r, "Failed to set access on compatibility systemd cgroup %s, ignoring: %m", path);
}
}
return 0;
}
int cg_migrate(
const char *cfrom,
const char *pfrom,
const char *cto,
const char *pto,
CGroupFlags flags) {
bool done = false;
_cleanup_set_free_ Set *s = NULL;
int r, ret = 0;
pid_t my_pid;
assert(cfrom);
assert(pfrom);
assert(cto);
assert(pto);
s = set_new(NULL);
if (!s)
return -ENOMEM;
my_pid = getpid_cached();
do {
_cleanup_fclose_ FILE *f = NULL;
pid_t pid = 0;
done = true;
r = cg_enumerate_processes(cfrom, pfrom, &f);
if (r < 0) {
if (ret >= 0 && r != -ENOENT)
return r;
return ret;
}
while ((r = cg_read_pid(f, &pid)) > 0) {
/* This might do weird stuff if we aren't a
* single-threaded program. However, we
* luckily know we are not */
if ((flags & CGROUP_IGNORE_SELF) && pid == my_pid)
continue;
if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
continue;
/* Ignore kernel threads. Since they can only
* exist in the root cgroup, we only check for
* them there. */
if (cfrom &&
empty_or_root(pfrom) &&
is_kernel_thread(pid) > 0)
continue;
r = cg_attach(cto, pto, pid);
if (r < 0) {
if (ret >= 0 && r != -ESRCH)
ret = r;
} else if (ret == 0)
ret = 1;
done = false;
r = set_put(s, PID_TO_PTR(pid));
if (r < 0) {
if (ret >= 0)
return r;
return ret;
}
}
if (r < 0) {
if (ret >= 0)
return r;
return ret;
}
} while (!done);
return ret;
}
int cg_migrate_recursive(
const char *cfrom,
const char *pfrom,
const char *cto,
const char *pto,
CGroupFlags flags) {
_cleanup_closedir_ DIR *d = NULL;
int r, ret = 0;
char *fn;
assert(cfrom);
assert(pfrom);
assert(cto);
assert(pto);
ret = cg_migrate(cfrom, pfrom, cto, pto, flags);
r = cg_enumerate_subgroups(cfrom, pfrom, &d);
if (r < 0) {
if (ret >= 0 && r != -ENOENT)
return r;
return ret;
}
while ((r = cg_read_subgroup(d, &fn)) > 0) {
_cleanup_free_ char *p = NULL;
p = path_join(empty_to_root(pfrom), fn);
free(fn);
if (!p)
return -ENOMEM;
r = cg_migrate_recursive(cfrom, p, cto, pto, flags);
if (r != 0 && ret >= 0)
ret = r;
}
if (r < 0 && ret >= 0)
ret = r;
if (flags & CGROUP_REMOVE) {
r = cg_rmdir(cfrom, pfrom);
if (r < 0 && ret >= 0 && !IN_SET(r, -ENOENT, -EBUSY))
return r;
}
return ret;
}
int cg_migrate_recursive_fallback(
const char *cfrom,
const char *pfrom,
const char *cto,
const char *pto,
CGroupFlags flags) {
int r;
assert(cfrom);
assert(pfrom);
assert(cto);
assert(pto);
r = cg_migrate_recursive(cfrom, pfrom, cto, pto, flags);
if (r < 0) {
char prefix[strlen(pto) + 1];
/* This didn't work? Then let's try all prefixes of the destination */
PATH_FOREACH_PREFIX(prefix, pto) {
int q;
q = cg_migrate_recursive(cfrom, pfrom, cto, prefix, flags);
if (q >= 0)
return q;
}
}
return r;
}
int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) {
CGroupController c;
CGroupMask done;
bool created;
int r;
/* This one will create a cgroup in our private tree, but also
* duplicate it in the trees specified in mask, and remove it
* in all others.
*
* Returns 0 if the group already existed in the systemd hierarchy,
* 1 on success, negative otherwise.
*/
/* First create the cgroup in our own hierarchy. */
r = cg_create(SYSTEMD_CGROUP_CONTROLLER, path);
if (r < 0)
return r;
created = r;
/* If we are in the unified hierarchy, we are done now */
r = cg_all_unified();
if (r < 0)
return r;
if (r > 0)
return created;
supported &= CGROUP_MASK_V1;
mask = CGROUP_MASK_EXTEND_JOINED(mask);
done = 0;
/* Otherwise, do the same in the other hierarchies */
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *n;
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
n = cgroup_controller_to_string(c);
if (FLAGS_SET(mask, bit))
(void) cg_create(n, path);
else
(void) cg_trim(n, path, true);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return created;
}
int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) {
CGroupController c;
CGroupMask done;
int r;
r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, path, pid);
if (r < 0)
return r;
r = cg_all_unified();
if (r < 0)
return r;
if (r > 0)
return 0;
supported &= CGROUP_MASK_V1;
done = 0;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *p = NULL;
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
if (path_callback)
p = path_callback(bit, userdata);
if (!p)
p = path;
(void) cg_attach_fallback(cgroup_controller_to_string(c), p, pid);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return 0;
}
int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) {
Iterator i;
void *pidp;
int r = 0;
SET_FOREACH(pidp, pids, i) {
pid_t pid = PTR_TO_PID(pidp);
int q;
q = cg_attach_everywhere(supported, path, pid, path_callback, userdata);
if (q < 0 && r >= 0)
r = q;
}
return r;
}
int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) {
CGroupController c;
CGroupMask done;
int r = 0, q;
if (!path_equal(from, to)) {
r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, CGROUP_REMOVE);
if (r < 0)
return r;
}
q = cg_all_unified();
if (q < 0)
return q;
if (q > 0)
return r;
supported &= CGROUP_MASK_V1;
done = 0;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *p = NULL;
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
if (to_callback)
p = to_callback(bit, userdata);
if (!p)
p = to;
(void) cg_migrate_recursive_fallback(SYSTEMD_CGROUP_CONTROLLER, to, cgroup_controller_to_string(c), p, 0);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return r;
}
int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) {
CGroupController c;
CGroupMask done;
int r, q;
r = cg_trim(SYSTEMD_CGROUP_CONTROLLER, path, delete_root);
if (r < 0)
return r;
q = cg_all_unified();
if (q < 0)
return q;
if (q > 0)
return r;
supported &= CGROUP_MASK_V1;
done = 0;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
if (!FLAGS_SET(supported, bit))
continue;
if (FLAGS_SET(done, bit))
continue;
(void) cg_trim(cgroup_controller_to_string(c), path, delete_root);
done |= CGROUP_MASK_EXTEND_JOINED(bit);
}
return r;
}
int cg_enable_everywhere(
CGroupMask supported,
CGroupMask mask,
const char *p,
CGroupMask *ret_result_mask) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_free_ char *fs = NULL;
CGroupController c;
CGroupMask ret = 0;
int r;
assert(p);
if (supported == 0) {
if (ret_result_mask)
*ret_result_mask = 0;
return 0;
}
r = cg_all_unified();
if (r < 0)
return r;
if (r == 0) {
/* On the legacy hierarchy there's no concept of "enabling" controllers in cgroups defined. Let's claim
* complete success right away. (If you wonder why we return the full mask here, rather than zero: the
* caller tends to use the returned mask later on to compare if all controllers where properly joined,
* and if not requeues realization. This use is the primary purpose of the return value, hence let's
* minimize surprises here and reduce triggers for re-realization by always saying we fully
* succeeded.) */
if (ret_result_mask)
*ret_result_mask = mask & supported & CGROUP_MASK_V2; /* If you wonder why we mask this with
* CGROUP_MASK_V2: The 'supported' mask
* might contain pure-V1 or BPF
* controllers, and we never want to
* claim that we could enable those with
* cgroup.subtree_control */
return 0;
}
r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, p, "cgroup.subtree_control", &fs);
if (r < 0)
return r;
for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
const char *n;
if (!FLAGS_SET(CGROUP_MASK_V2, bit))
continue;
if (!FLAGS_SET(supported, bit))
continue;
n = cgroup_controller_to_string(c);
{
char s[1 + strlen(n) + 1];
s[0] = FLAGS_SET(mask, bit) ? '+' : '-';
strcpy(s + 1, n);
if (!f) {
f = fopen(fs, "we");
if (!f)
return log_debug_errno(errno, "Failed to open cgroup.subtree_control file of %s: %m", p);
}
r = write_string_stream(f, s, WRITE_STRING_FILE_DISABLE_BUFFER);
if (r < 0) {
log_debug_errno(r, "Failed to %s controller %s for %s (%s): %m",
FLAGS_SET(mask, bit) ? "enable" : "disable", n, p, fs);
clearerr(f);
/* If we can't turn off a controller, leave it on in the reported resulting mask. This
* happens for example when we attempt to turn off a controller up in the tree that is
* used down in the tree. */
if (!FLAGS_SET(mask, bit) && r == -EBUSY) /* You might wonder why we check for EBUSY
* only here, and not follow the same logic
* for other errors such as EINVAL or
* EOPNOTSUPP or anything else. That's
* because EBUSY indicates that the
* controllers is currently enabled and
* cannot be disabled because something down
* the hierarchy is still using it. Any other
* error most likely means something like "I
* never heard of this controller" or
* similar. In the former case it's hence
* safe to assume the controller is still on
* after the failed operation, while in the
* latter case it's safer to assume the
* controller is unknown and hence certainly
* not enabled. */
ret |= bit;
} else {
/* Otherwise, if we managed to turn on a controller, set the bit reflecting that. */
if (FLAGS_SET(mask, bit))
ret |= bit;
}
}
}
/* Let's return the precise set of controllers now enabled for the cgroup. */
if (ret_result_mask)
*ret_result_mask = ret;
return 0;
}

34
src/shared/cgroup-setup.h Normal file
View File

@ -0,0 +1,34 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
#include <stdbool.h>
#include <stdint.h>
#include <sys/types.h>
#include "cgroup-util.h"
bool cg_is_unified_wanted(void);
bool cg_is_legacy_wanted(void);
bool cg_is_hybrid_wanted(void);
int cg_weight_parse(const char *s, uint64_t *ret);
int cg_cpu_shares_parse(const char *s, uint64_t *ret);
int cg_blkio_weight_parse(const char *s, uint64_t *ret);
int cg_trim(const char *controller, const char *path, bool delete_root);
int cg_create(const char *controller, const char *path);
int cg_attach(const char *controller, const char *path, pid_t pid);
int cg_attach_fallback(const char *controller, const char *path, pid_t pid);
int cg_create_and_attach(const char *controller, const char *path, pid_t pid);
int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
int cg_migrate_recursive_fallback(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path);
int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t callback, void *userdata);
int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t callback, void *userdata);
int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t callback, void *userdata);
int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root);
int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p, CGroupMask *ret_result_mask);

2
src/shared/condition.c
View File

@ -22,7 +22,7 @@
#include "cgroup-util.h"
#include "condition.h"
#include "cpu-set-util.h"
#include "efivars.h"
#include "efi-loader.h"
#include "env-file.h"
#include "extract-word.h"
#include "fd-util.h"

212
src/shared/efivars.c → src/shared/efi-loader.c
View File

@ -1,30 +1,18 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <linux/fs.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#include "sd-id128.h"
#include "alloc-util.h"
#include "chattr-util.h"
#include "dirent-util.h"
#include "efi-loader.h"
#include "efivars.h"
#include "fd-util.h"
#include "io-util.h"
#include "macro.h"
#include "parse-util.h"
#include "sort-util.h"
#include "stdio-util.h"
#include "strv.h"
#include "time-util.h"
#include "string-util.h"
#include "utf8.h"
#include "virt.h"
@ -193,202 +181,6 @@ int efi_set_reboot_to_firmware(bool value) {
return 0;
}
char* efi_variable_path(sd_id128_t vendor, const char *name) {
char *p;
if (asprintf(&p,
"/sys/firmware/efi/efivars/%s-" SD_ID128_UUID_FORMAT_STR,
name, SD_ID128_FORMAT_VAL(vendor)) < 0)
return NULL;
return p;
}
int efi_get_variable(
sd_id128_t vendor,
const char *name,
uint32_t *ret_attribute,
void **ret_value,
size_t *ret_size) {
_cleanup_close_ int fd = -1;
_cleanup_free_ char *p = NULL;
_cleanup_free_ void *buf = NULL;
struct stat st;
uint32_t a;
ssize_t n;
assert(name);
p = efi_variable_path(vendor, name);
if (!p)
return -ENOMEM;
if (!ret_value && !ret_size && !ret_attribute) {
/* If caller is not interested in anything, just check if the variable exists and is readable
* to us. */
if (access(p, R_OK) < 0)
return -errno;
return 0;
}
fd = open(p, O_RDONLY|O_NOCTTY|O_CLOEXEC);
if (fd < 0)
return -errno;
if (fstat(fd, &st) < 0)
return -errno;
if (st.st_size < 4)
return -ENODATA;
if (st.st_size > 4*1024*1024 + 4)
return -E2BIG;
if (ret_value || ret_attribute) {
n = read(fd, &a, sizeof(a));
if (n < 0)
return -errno;
if (n != sizeof(a))
return -EIO;
}
if (ret_value) {
buf = malloc(st.st_size - 4 + 2);
if (!buf)
return -ENOMEM;
n = read(fd, buf, (size_t) st.st_size - 4);
if (n < 0)
return -errno;
if (n != st.st_size - 4)
return -EIO;
/* Always NUL terminate (2 bytes, to protect UTF-16) */
((char*) buf)[st.st_size - 4] = 0;
((char*) buf)[st.st_size - 4 + 1] = 0;
}
/* Note that efivarfs interestingly doesn't require ftruncate() to update an existing EFI variable
* with a smaller value. */
if (ret_attribute)
*ret_attribute = a;
if (ret_value)
*ret_value = TAKE_PTR(buf);
if (ret_size)
*ret_size = (size_t) st.st_size - 4;
return 0;
}
int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p) {
_cleanup_free_ void *s = NULL;
size_t ss = 0;
int r;
char *x;
r = efi_get_variable(vendor, name, NULL, &s, &ss);
if (r < 0)
return r;
x = utf16_to_utf8(s, ss);
if (!x)
return -ENOMEM;
*p = x;
return 0;
}
int efi_set_variable(
sd_id128_t vendor,
const char *name,
const void *value,
size_t size) {
struct var {
uint32_t attr;
char buf[];
} _packed_ * _cleanup_free_ buf = NULL;
_cleanup_free_ char *p = NULL;
_cleanup_close_ int fd = -1;
bool saved_flags_valid = false;
unsigned saved_flags;
int r;
assert(name);
assert(value || size == 0);
p = efi_variable_path(vendor, name);
if (!p)
return -ENOMEM;
/* Newer efivarfs protects variables that are not in a whitelist with FS_IMMUTABLE_FL by default, to protect
* them for accidental removal and modification. We are not changing these variables accidentally however,
* hence let's unset the bit first. */
r = chattr_path(p, 0, FS_IMMUTABLE_FL, &saved_flags);
if (r < 0 && r != -ENOENT)
log_debug_errno(r, "Failed to drop FS_IMMUTABLE_FL flag from '%s', ignoring: %m", p);
saved_flags_valid = r >= 0;
if (size == 0) {
if (unlink(p) < 0) {
r = -errno;
goto finish;
}
return 0;
}
fd = open(p, O_WRONLY|O_CREAT|O_NOCTTY|O_CLOEXEC, 0644);
if (fd < 0) {
r = -errno;
goto finish;
}
buf = malloc(sizeof(uint32_t) + size);
if (!buf) {
r = -ENOMEM;
goto finish;
}
buf->attr = EFI_VARIABLE_NON_VOLATILE|EFI_VARIABLE_BOOTSERVICE_ACCESS|EFI_VARIABLE_RUNTIME_ACCESS;
memcpy(buf->buf, value, size);
r = loop_write(fd, buf, sizeof(uint32_t) + size, false);
if (r < 0)
goto finish;
r = 0;
finish:
if (saved_flags_valid) {
int q;
/* Restore the original flags field, just in case */
if (fd < 0)
q = chattr_path(p, saved_flags, FS_IMMUTABLE_FL, NULL);
else
q = chattr_fd(fd, saved_flags, FS_IMMUTABLE_FL, NULL);
if (q < 0)
log_debug_errno(q, "Failed to restore FS_IMMUTABLE_FL on '%s', ignoring: %m", p);
}
return r;
}
int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *v) {
_cleanup_free_ char16_t *u16 = NULL;
u16 = utf8_to_utf16(v, strlen(v));
if (!u16)
return -ENOMEM;
return efi_set_variable(vendor, name, u16, (char16_strlen(u16) + 1) * sizeof(char16_t));
}
static ssize_t utf16_size(const uint16_t *s, size_t buf_len_bytes) {
size_t l = 0;

44
src/shared/efivars.h → src/shared/efi-loader.h
View File

@ -1,23 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
#if ! ENABLE_EFI
#include <errno.h>
#endif
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include "sd-id128.h"
#include "efi/loader-features.h"
#include "time-util.h"
#define EFI_VENDOR_LOADER SD_ID128_MAKE(4a,67,b0,82,0a,4c,41,cf,b6,c7,44,0b,29,bb,8c,4f)
#define EFI_VENDOR_GLOBAL SD_ID128_MAKE(8b,e4,df,61,93,ca,11,d2,aa,0d,00,e0,98,03,2b,8c)
#define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001
#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002
#define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004
#include "efivars.h"
#if ENABLE_EFI
@ -28,12 +12,6 @@ int efi_reboot_to_firmware_supported(void);
int efi_get_reboot_to_firmware(void);
int efi_set_reboot_to_firmware(bool value);
char* efi_variable_path(sd_id128_t vendor, const char *name);
int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, void **value, size_t *size);
int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p);
int efi_set_variable(sd_id128_t vendor, const char *name, const void *value, size_t size);
int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *p);
int efi_get_boot_option(uint16_t nr, char **title, sd_id128_t *part_uuid, char **path, bool *active);
int efi_add_boot_option(uint16_t id, const char *title, uint32_t part, uint64_t pstart, uint64_t psize, sd_id128_t part_uuid, const char *path);
int efi_remove_boot_option(uint16_t id);
@ -74,26 +52,6 @@ static inline int efi_set_reboot_to_firmware(bool value) {
return -EOPNOTSUPP;
}
static inline char* efi_variable_path(sd_id128_t vendor, const char *name) {
return NULL;
}
static inline int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, void **value, size_t *size) {
return -EOPNOTSUPP;
}
static inline int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p) {
return -EOPNOTSUPP;
}
static inline int efi_set_variable(sd_id128_t vendor, const char *name, const void *value, size_t size) {
return -EOPNOTSUPP;
}
static inline int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *p) {
return -EOPNOTSUPP;
}
static inline int efi_get_boot_option(uint16_t nr, char **title, sd_id128_t *part_uuid, char **path, bool *active) {
return -EOPNOTSUPP;
}

6
src/shared/meson.build
View File

@ -33,6 +33,8 @@ shared_sources = files('''
bus-wait-for-units.h
calendarspec.c
calendarspec.h
cgroup-setup.c
cgroup-setup.h
cgroup-show.c
cgroup-show.h
clean-ipc.c
@ -58,8 +60,8 @@ shared_sources = files('''
dns-domain.h
dropin.c
dropin.h
efivars.c
efivars.h
efi-loader.c
efi-loader.h
enable-mempool.c
env-file-label.c
env-file-label.h

12
src/shared/reboot-util.c
View File

@ -6,6 +6,7 @@
#include "alloc-util.h"
#include "fileio.h"
#include "log.h"
#include "proc-cmdline.h"
#include "raw-reboot.h"
#include "reboot-util.h"
#include "string-util.h"
@ -96,3 +97,14 @@ int reboot_with_parameter(RebootFlags flags) {
return log_full_errno(flags & REBOOT_LOG ? LOG_ERR : LOG_DEBUG, errno, "Failed to reboot: %m");
}
int shall_restore_state(void) {
bool ret;
int r;
r = proc_cmdline_get_bool("systemd.restore_state", &ret);
if (r < 0)
return r;
return r > 0 ? ret : true;
}

2
src/shared/reboot-util.h
View File

@ -11,3 +11,5 @@ typedef enum RebootFlags {
int read_reboot_parameter(char **parameter);
int reboot_with_parameter(RebootFlags flags);
int shall_restore_state(void);

1
src/shared/serialize.h
View File

@ -5,6 +5,7 @@
#include "fdset.h"
#include "macro.h"
#include "string-util.h"
#include "time-util.h"
int serialize_item(FILE *f, const char *key, const char *value);

45
src/shared/unit-file.c
View File

@ -6,6 +6,7 @@
#include "macro.h"
#include "path-lookup.h"
#include "set.h"
#include "special.h"
#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
@ -512,3 +513,47 @@ int unit_file_find_fragment(
// FIXME: if instance, consider any unit names with different template name
return 0;
}
static const char * const rlmap[] = {
"emergency", SPECIAL_EMERGENCY_TARGET,
"-b", SPECIAL_EMERGENCY_TARGET,
"rescue", SPECIAL_RESCUE_TARGET,
"single", SPECIAL_RESCUE_TARGET,
"-s", SPECIAL_RESCUE_TARGET,
"s", SPECIAL_RESCUE_TARGET,
"S", SPECIAL_RESCUE_TARGET,
"1", SPECIAL_RESCUE_TARGET,
"2", SPECIAL_MULTI_USER_TARGET,
"3", SPECIAL_MULTI_USER_TARGET,
"4", SPECIAL_MULTI_USER_TARGET,
"5", SPECIAL_GRAPHICAL_TARGET,
NULL
};
static const char * const rlmap_initrd[] = {
"emergency", SPECIAL_EMERGENCY_TARGET,
"rescue", SPECIAL_RESCUE_TARGET,
NULL
};
const char* runlevel_to_target(const char *word) {
const char * const *rlmap_ptr;
size_t i;
if (!word)
return NULL;
if (in_initrd()) {
word = startswith(word, "rd.");
if (!word)
return NULL;
}
rlmap_ptr = in_initrd() ? rlmap_initrd : rlmap;
for (i = 0; rlmap_ptr[i]; i += 2)
if (streq(word, rlmap_ptr[i]))
return rlmap_ptr[i+1];
return NULL;
}

2
src/shared/unit-file.h
View File

@ -54,3 +54,5 @@ int unit_file_find_fragment(
const char *unit_name,
const char **ret_fragment_path,
Set **names);
const char* runlevel_to_target(const char *rl);

1
src/shutdown/shutdown.c
View File

@ -17,6 +17,7 @@
#include "alloc-util.h"
#include "async.h"
#include "cgroup-setup.h"
#include "cgroup-util.h"
#include "def.h"
#include "exec-util.h"

1
src/system-update-generator/system-update-generator.c
View File

@ -9,6 +9,7 @@
#include "proc-cmdline.h"
#include "special.h"
#include "string-util.h"
#include "unit-file.h"
#include "util.h"
/*

4
src/test/meson.build
View File

@ -615,6 +615,10 @@ tests += [
[],
[]],
[['src/test/test-cgroup-setup.c'],
[],
[]],
[['src/test/test-env-file.c'],
[],
[]],

2
src/test/test-boot-timestamps.c
View File

@ -5,7 +5,7 @@
#include "acpi-fpdt.h"
#include "boot-timestamps.h"
#include "efivars.h"
#include "efi-loader.h"
#include "log.h"
#include "tests.h"
#include "util.h"

2
src/test/test-capability.c
View File

@ -15,8 +15,8 @@
#include "macro.h"
#include "missing_prctl.h"
#include "parse-util.h"
#include "string-util.h"
#include "tests.h"
#include "util.h"
static uid_t test_uid = -1;
static gid_t test_gid = -1;

67
src/test/test-cgroup-setup.c Normal file
View File

@ -0,0 +1,67 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include "alloc-util.h"
#include "build.h"
#include "cgroup-setup.h"
#include "log.h"
#include "proc-cmdline.h"
#include "string-util.h"
#include "tests.h"
static void test_is_wanted_print(bool header) {
_cleanup_free_ char *cmdline = NULL;
log_info("-- %s --", __func__);
assert_se(proc_cmdline(&cmdline) >= 0);
log_info("cmdline: %s", cmdline);
if (header) {
log_info(_CGROUP_HIERARCHY_);
(void) system("findmnt -n /sys/fs/cgroup");
}
log_info("is_unified_wanted() → %s", yes_no(cg_is_unified_wanted()));
log_info("is_hybrid_wanted() → %s", yes_no(cg_is_hybrid_wanted()));
log_info("is_legacy_wanted() → %s", yes_no(cg_is_legacy_wanted()));
log_info(" ");
}
static void test_is_wanted(void) {
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy=0", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy=0 "
"systemd.legacy_systemd_cgroup_controller", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy=0 "
"systemd.legacy_systemd_cgroup_controller=0", 1) >= 0);
test_is_wanted_print(false);
/* cgroup_no_v1=all implies unified cgroup hierarchy, unless otherwise
* explicitly specified. */
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"cgroup_no_v1=all", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"cgroup_no_v1=all "
"systemd.unified_cgroup_hierarchy=0", 1) >= 0);
test_is_wanted_print(false);
}
int main(void) {
test_setup_logging(LOG_DEBUG);
test_is_wanted_print(true);
test_is_wanted_print(false); /* run twice to test caching */
test_is_wanted();
return 0;
}

56
src/test/test-cgroup-util.c
View File

@ -333,64 +333,15 @@ static void test_fd_is_cgroup_fs(void) {
fd = safe_close(fd);
}
static void test_is_wanted_print(bool header) {
_cleanup_free_ char *cmdline = NULL;
log_info("-- %s --", __func__);
assert_se(proc_cmdline(&cmdline) >= 0);
log_info("cmdline: %s", cmdline);
if (header) {
log_info(_CGROUP_HIERARCHY_);
(void) system("findmnt -n /sys/fs/cgroup");
}
log_info("is_unified_wanted() → %s", yes_no(cg_is_unified_wanted()));
log_info("is_hybrid_wanted() → %s", yes_no(cg_is_hybrid_wanted()));
log_info("is_legacy_wanted() → %s", yes_no(cg_is_legacy_wanted()));
log_info(" ");
}
static void test_is_wanted(void) {
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy=0", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy=0 "
"systemd.legacy_systemd_cgroup_controller", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"systemd.unified_cgroup_hierarchy=0 "
"systemd.legacy_systemd_cgroup_controller=0", 1) >= 0);
test_is_wanted_print(false);
/* cgroup_no_v1=all implies unified cgroup hierarchy, unless otherwise
* explicitly specified. */
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"cgroup_no_v1=all", 1) >= 0);
test_is_wanted_print(false);
assert_se(setenv("SYSTEMD_PROC_CMDLINE",
"cgroup_no_v1=all "
"systemd.unified_cgroup_hierarchy=0", 1) >= 0);
test_is_wanted_print(false);
}
static void test_cg_tests(void) {
int all, hybrid, systemd, r;
r = cg_unified_flush();
r = cg_unified();
if (r == -ENOMEDIUM) {
log_notice_errno(r, "Skipping cg hierarchy tests: %m");
return;
}
assert_se(r == 0);
assert_se(r >= 0);
all = cg_all_unified();
assert_se(IN_SET(all, 0, 1));
@ -477,9 +428,6 @@ int main(void) {
TEST_REQ_RUNNING_SYSTEMD(test_mask_supported());
TEST_REQ_RUNNING_SYSTEMD(test_is_cgroup_fs());
TEST_REQ_RUNNING_SYSTEMD(test_fd_is_cgroup_fs());
test_is_wanted_print(true);
test_is_wanted_print(false); /* run twice to test caching */
test_is_wanted();
test_cg_tests();
test_cg_get_keyed_attribute();

1
src/test/test-cgroup.c
View File

@ -3,6 +3,7 @@
#include <string.h>
#include <unistd.h>
#include "cgroup-setup.h"
#include "cgroup-util.h"
#include "path-util.h"
#include "process-util.h"

4
src/test/test-condition.c
View File

@ -14,7 +14,7 @@
#include "cgroup-util.h"
#include "condition.h"
#include "cpu-set-util.h"
#include "efivars.h"
#include "efi-loader.h"
#include "hostname-util.h"
#include "id128-util.h"
#include "ima-util.h"
@ -124,7 +124,7 @@ static void test_condition_test_control_group_controller(void) {
_cleanup_free_ char *controller_name = NULL;
int r;
r = cg_unified_flush();
r = cg_unified();
if (r < 0) {
log_notice_errno(r, "Skipping ConditionControlGroupController tests: %m");
return;

2
src/test/test-helper.c
View File

@ -3,7 +3,7 @@
#include "test-helper.h"
#include "random-util.h"
#include "alloc-util.h"
#include "cgroup-util.h"
#include "cgroup-setup.h"
#include "string-util.h"
int enter_cgroup_subroot(void) {

57
src/test/test-proc-cmdline.c
View File

@ -7,6 +7,7 @@
#include "proc-cmdline.h"
#include "special.h"
#include "string-util.h"
#include "tests.h"
#include "util.h"
static int obj;
@ -29,8 +30,9 @@ static void test_proc_cmdline_override(void) {
log_info("/* %s */", __func__);
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=foo_bar=quux wuff-piep=tuet zumm some_arg_with_space='foo bar' and_one_more=\"zzz aaa\"") == 0);
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=differnt") == 0);
/* Test if the override works */
/* First test if the overrides for /proc/cmdline still work */
_cleanup_free_ char *line = NULL, *value = NULL;
assert_se(proc_cmdline(&line) >= 0);
@ -44,6 +46,19 @@ static void test_proc_cmdline_override(void) {
assert_se(proc_cmdline_get_key("and_one_more", 0, &value) > 0 && streq_ptr(value, "zzz aaa"));
value = mfree(value);
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=") == 0);
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=foo_bar=quux wuff-piep=tuet zumm some_arg_with_space='foo bar' and_one_more=\"zzz aaa\"") == 0);
assert_se(streq(line, "foo_bar=quux wuff-piep=tuet zumm some_arg_with_space='foo bar' and_one_more=\"zzz aaa\""));
assert_se(proc_cmdline_get_key("foo_bar", 0, &value) > 0 && streq_ptr(value, "quux"));
value = mfree(value);
assert_se(proc_cmdline_get_key("some_arg_with_space", 0, &value) > 0 && streq_ptr(value, "foo bar"));
value = mfree(value);
assert_se(proc_cmdline_get_key("and_one_more", 0, &value) > 0 && streq_ptr(value, "zzz aaa"));
value = mfree(value);
}
static int parse_item_given(const char *key, const char *value, void *data) {
@ -139,6 +154,24 @@ static void test_proc_cmdline_get_bool(void) {
log_info("/* %s */", __func__);
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=foo_bar bar-waldo=1 x_y-z=0 quux=miep\nda=yes\nthe=1") == 0);
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=") == 0);
assert_se(proc_cmdline_get_bool("", &value) == -EINVAL);
assert_se(proc_cmdline_get_bool("abc", &value) == 0 && value == false);
assert_se(proc_cmdline_get_bool("foo_bar", &value) > 0 && value == true);
assert_se(proc_cmdline_get_bool("foo-bar", &value) > 0 && value == true);
assert_se(proc_cmdline_get_bool("bar-waldo", &value) > 0 && value == true);
assert_se(proc_cmdline_get_bool("bar_waldo", &value) > 0 && value == true);
assert_se(proc_cmdline_get_bool("x_y-z", &value) > 0 && value == false);
assert_se(proc_cmdline_get_bool("x-y-z", &value) > 0 && value == false);
assert_se(proc_cmdline_get_bool("x-y_z", &value) > 0 && value == false);
assert_se(proc_cmdline_get_bool("x_y_z", &value) > 0 && value == false);
assert_se(proc_cmdline_get_bool("quux", &value) == -EINVAL && value == false);
assert_se(proc_cmdline_get_bool("da", &value) > 0 && value == true);
assert_se(proc_cmdline_get_bool("the", &value) > 0 && value == true);
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=") == 0);
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=foo_bar bar-waldo=1 x_y-z=0 quux=miep\nda=yes\nthe=1") == 0);
assert_se(proc_cmdline_get_bool("", &value) == -EINVAL);
assert_se(proc_cmdline_get_bool("abc", &value) == 0 && value == false);
@ -212,27 +245,8 @@ static void test_proc_cmdline_key_startswith(void) {
assert_se(!proc_cmdline_key_startswith("foo-bar", "foo_xx"));
}
static void test_runlevel_to_target(void) {
log_info("/* %s */", __func__);
in_initrd_force(false);
assert_se(streq_ptr(runlevel_to_target(NULL), NULL));
assert_se(streq_ptr(runlevel_to_target("unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("rd.unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("3"), SPECIAL_MULTI_USER_TARGET));
assert_se(streq_ptr(runlevel_to_target("rd.rescue"), NULL));
in_initrd_force(true);
assert_se(streq_ptr(runlevel_to_target(NULL), NULL));
assert_se(streq_ptr(runlevel_to_target("unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("rd.unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("3"), NULL));
assert_se(streq_ptr(runlevel_to_target("rd.rescue"), SPECIAL_RESCUE_TARGET));
}
int main(void) {
log_parse_environment();
log_open();
test_setup_logging(LOG_INFO);
test_proc_cmdline_parse();
test_proc_cmdline_override();
@ -244,7 +258,6 @@ int main(void) {
test_proc_cmdline_get_key();
test_proc_cmdline_get_bool();
test_proc_cmdline_get_key_many();
test_runlevel_to_target();
return 0;
}

20
src/test/test-unit-file.c
View File

@ -2,6 +2,7 @@
#include "path-lookup.h"
#include "set.h"
#include "special.h"
#include "strv.h"
#include "tests.h"
#include "unit-file.h"
@ -75,11 +76,30 @@ static void test_unit_file_build_name_map(char **ids) {
}
}
static void test_runlevel_to_target(void) {
log_info("/* %s */", __func__);
in_initrd_force(false);
assert_se(streq_ptr(runlevel_to_target(NULL), NULL));
assert_se(streq_ptr(runlevel_to_target("unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("rd.unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("3"), SPECIAL_MULTI_USER_TARGET));
assert_se(streq_ptr(runlevel_to_target("rd.rescue"), NULL));
in_initrd_force(true);
assert_se(streq_ptr(runlevel_to_target(NULL), NULL));
assert_se(streq_ptr(runlevel_to_target("unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("rd.unknown-runlevel"), NULL));
assert_se(streq_ptr(runlevel_to_target("3"), NULL));
assert_se(streq_ptr(runlevel_to_target("rd.rescue"), SPECIAL_RESCUE_TARGET));
}
int main(int argc, char **argv) {
test_setup_logging(LOG_DEBUG);
test_unit_validate_alias_symlink_and_warn();
test_unit_file_build_name_map(strv_skip(argv, 1));
test_runlevel_to_target();
return 0;
}

2
src/udev/udev-builtin-blkid.c
View File

@ -19,7 +19,7 @@
#include "alloc-util.h"
#include "blkid-util.h"
#include "device-util.h"
#include "efivars.h"
#include "efi-loader.h"
#include "errno-util.h"
#include "fd-util.h"
#include "gpt.h"