226 lines
7.0 KiB
C
226 lines
7.0 KiB
C
/* SPDX-License-Identifier: LGPL-2.1+ */
|
|
#pragma once
|
|
|
|
/***
|
|
This file is part of systemd.
|
|
|
|
Copyright 2013 Lennart Poettering
|
|
|
|
systemd is free software; you can redistribute it and/or modify it
|
|
under the terms of the GNU Lesser General Public License as published by
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
(at your option) any later version.
|
|
|
|
systemd is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public License
|
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|
***/
|
|
|
|
#include <stdbool.h>
|
|
|
|
#include "cgroup-util.h"
|
|
#include "ip-address-access.h"
|
|
#include "list.h"
|
|
#include "time-util.h"
|
|
|
|
typedef struct CGroupContext CGroupContext;
|
|
typedef struct CGroupDeviceAllow CGroupDeviceAllow;
|
|
typedef struct CGroupIODeviceWeight CGroupIODeviceWeight;
|
|
typedef struct CGroupIODeviceLimit CGroupIODeviceLimit;
|
|
typedef struct CGroupBlockIODeviceWeight CGroupBlockIODeviceWeight;
|
|
typedef struct CGroupBlockIODeviceBandwidth CGroupBlockIODeviceBandwidth;
|
|
|
|
typedef enum CGroupDevicePolicy {
|
|
|
|
/* When devices listed, will allow those, plus built-in ones,
|
|
if none are listed will allow everything. */
|
|
CGROUP_AUTO,
|
|
|
|
/* Everything forbidden, except built-in ones and listed ones. */
|
|
CGROUP_CLOSED,
|
|
|
|
/* Everythings forbidden, except for the listed devices */
|
|
CGROUP_STRICT,
|
|
|
|
_CGROUP_DEVICE_POLICY_MAX,
|
|
_CGROUP_DEVICE_POLICY_INVALID = -1
|
|
} CGroupDevicePolicy;
|
|
|
|
struct CGroupDeviceAllow {
|
|
LIST_FIELDS(CGroupDeviceAllow, device_allow);
|
|
char *path;
|
|
bool r:1;
|
|
bool w:1;
|
|
bool m:1;
|
|
};
|
|
|
|
struct CGroupIODeviceWeight {
|
|
LIST_FIELDS(CGroupIODeviceWeight, device_weights);
|
|
char *path;
|
|
uint64_t weight;
|
|
};
|
|
|
|
struct CGroupIODeviceLimit {
|
|
LIST_FIELDS(CGroupIODeviceLimit, device_limits);
|
|
char *path;
|
|
uint64_t limits[_CGROUP_IO_LIMIT_TYPE_MAX];
|
|
};
|
|
|
|
struct CGroupBlockIODeviceWeight {
|
|
LIST_FIELDS(CGroupBlockIODeviceWeight, device_weights);
|
|
char *path;
|
|
uint64_t weight;
|
|
};
|
|
|
|
struct CGroupBlockIODeviceBandwidth {
|
|
LIST_FIELDS(CGroupBlockIODeviceBandwidth, device_bandwidths);
|
|
char *path;
|
|
uint64_t rbps;
|
|
uint64_t wbps;
|
|
};
|
|
|
|
struct CGroupContext {
|
|
bool cpu_accounting;
|
|
bool io_accounting;
|
|
bool blockio_accounting;
|
|
bool memory_accounting;
|
|
bool tasks_accounting;
|
|
bool ip_accounting;
|
|
|
|
/* For unified hierarchy */
|
|
uint64_t cpu_weight;
|
|
uint64_t startup_cpu_weight;
|
|
usec_t cpu_quota_per_sec_usec;
|
|
|
|
uint64_t io_weight;
|
|
uint64_t startup_io_weight;
|
|
LIST_HEAD(CGroupIODeviceWeight, io_device_weights);
|
|
LIST_HEAD(CGroupIODeviceLimit, io_device_limits);
|
|
|
|
uint64_t memory_low;
|
|
uint64_t memory_high;
|
|
uint64_t memory_max;
|
|
uint64_t memory_swap_max;
|
|
|
|
LIST_HEAD(IPAddressAccessItem, ip_address_allow);
|
|
LIST_HEAD(IPAddressAccessItem, ip_address_deny);
|
|
|
|
/* For legacy hierarchies */
|
|
uint64_t cpu_shares;
|
|
uint64_t startup_cpu_shares;
|
|
|
|
uint64_t blockio_weight;
|
|
uint64_t startup_blockio_weight;
|
|
LIST_HEAD(CGroupBlockIODeviceWeight, blockio_device_weights);
|
|
LIST_HEAD(CGroupBlockIODeviceBandwidth, blockio_device_bandwidths);
|
|
|
|
uint64_t memory_limit;
|
|
|
|
CGroupDevicePolicy device_policy;
|
|
LIST_HEAD(CGroupDeviceAllow, device_allow);
|
|
|
|
/* Common */
|
|
uint64_t tasks_max;
|
|
|
|
bool delegate;
|
|
CGroupMask delegate_controllers;
|
|
};
|
|
|
|
/* Used when querying IP accounting data */
|
|
typedef enum CGroupIPAccountingMetric {
|
|
CGROUP_IP_INGRESS_BYTES,
|
|
CGROUP_IP_INGRESS_PACKETS,
|
|
CGROUP_IP_EGRESS_BYTES,
|
|
CGROUP_IP_EGRESS_PACKETS,
|
|
_CGROUP_IP_ACCOUNTING_METRIC_MAX,
|
|
_CGROUP_IP_ACCOUNTING_METRIC_INVALID = -1,
|
|
} CGroupIPAccountingMetric;
|
|
|
|
#include "unit.h"
|
|
|
|
void cgroup_context_init(CGroupContext *c);
|
|
void cgroup_context_done(CGroupContext *c);
|
|
void cgroup_context_dump(CGroupContext *c, FILE* f, const char *prefix);
|
|
|
|
CGroupMask cgroup_context_get_mask(CGroupContext *c);
|
|
|
|
void cgroup_context_free_device_allow(CGroupContext *c, CGroupDeviceAllow *a);
|
|
void cgroup_context_free_io_device_weight(CGroupContext *c, CGroupIODeviceWeight *w);
|
|
void cgroup_context_free_io_device_limit(CGroupContext *c, CGroupIODeviceLimit *l);
|
|
void cgroup_context_free_blockio_device_weight(CGroupContext *c, CGroupBlockIODeviceWeight *w);
|
|
void cgroup_context_free_blockio_device_bandwidth(CGroupContext *c, CGroupBlockIODeviceBandwidth *b);
|
|
|
|
CGroupMask unit_get_own_mask(Unit *u);
|
|
CGroupMask unit_get_delegate_mask(Unit *u);
|
|
CGroupMask unit_get_members_mask(Unit *u);
|
|
CGroupMask unit_get_siblings_mask(Unit *u);
|
|
CGroupMask unit_get_subtree_mask(Unit *u);
|
|
|
|
CGroupMask unit_get_target_mask(Unit *u);
|
|
CGroupMask unit_get_enable_mask(Unit *u);
|
|
|
|
bool unit_get_needs_bpf(Unit *u);
|
|
|
|
void unit_update_cgroup_members_masks(Unit *u);
|
|
|
|
const char *unit_get_realized_cgroup_path(Unit *u, CGroupMask mask);
|
|
char *unit_default_cgroup_path(Unit *u);
|
|
int unit_set_cgroup_path(Unit *u, const char *path);
|
|
int unit_pick_cgroup_path(Unit *u);
|
|
|
|
int unit_realize_cgroup(Unit *u);
|
|
void unit_release_cgroup(Unit *u);
|
|
void unit_prune_cgroup(Unit *u);
|
|
int unit_watch_cgroup(Unit *u);
|
|
|
|
void unit_add_to_cgroup_empty_queue(Unit *u);
|
|
|
|
int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path);
|
|
|
|
int manager_setup_cgroup(Manager *m);
|
|
void manager_shutdown_cgroup(Manager *m, bool delete);
|
|
|
|
unsigned manager_dispatch_cgroup_realize_queue(Manager *m);
|
|
|
|
Unit *manager_get_unit_by_cgroup(Manager *m, const char *cgroup);
|
|
Unit *manager_get_unit_by_pid_cgroup(Manager *m, pid_t pid);
|
|
Unit* manager_get_unit_by_pid(Manager *m, pid_t pid);
|
|
|
|
int unit_search_main_pid(Unit *u, pid_t *ret);
|
|
int unit_watch_all_pids(Unit *u);
|
|
|
|
int unit_synthesize_cgroup_empty_event(Unit *u);
|
|
|
|
int unit_get_memory_current(Unit *u, uint64_t *ret);
|
|
int unit_get_tasks_current(Unit *u, uint64_t *ret);
|
|
int unit_get_cpu_usage(Unit *u, nsec_t *ret);
|
|
int unit_get_ip_accounting(Unit *u, CGroupIPAccountingMetric metric, uint64_t *ret);
|
|
|
|
int unit_reset_cpu_accounting(Unit *u);
|
|
int unit_reset_ip_accounting(Unit *u);
|
|
|
|
#define UNIT_CGROUP_BOOL(u, name) \
|
|
({ \
|
|
CGroupContext *cc = unit_get_cgroup_context(u); \
|
|
cc ? cc->name : false; \
|
|
})
|
|
|
|
bool manager_owns_root_cgroup(Manager *m);
|
|
bool unit_has_root_cgroup(Unit *u);
|
|
|
|
int manager_notify_cgroup_empty(Manager *m, const char *group);
|
|
|
|
void unit_invalidate_cgroup(Unit *u, CGroupMask m);
|
|
void unit_invalidate_cgroup_bpf(Unit *u);
|
|
|
|
void manager_invalidate_startup_units(Manager *m);
|
|
|
|
const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_;
|
|
CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_;
|
|
|
|
bool unit_cgroup_delegate(Unit *u);
|