picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

nspawn: cleanup and chown the synced cgroup hierarchy (#4223) 

Fixes: #4181
This commit is contained in:
Evgeny Vereshchagin 2016-10-13 16:50:46 +03:00 committed by Zbigniew Jędrzejewski-Szmek
parent c1a9199ec4
commit f0bef277a4
7 changed files with 93 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/basic/cgroup-util.c
View File

@ -2514,6 +2514,20 @@ int cg_blkio_weight_parse(const char *s, uint64_t *ret) {
return 0;
}
bool is_cgroup_fs(const struct statfs *s) {
return is_fs_type(s, CGROUP_SUPER_MAGIC) ||
is_fs_type(s, CGROUP2_SUPER_MAGIC);
}
bool fd_is_cgroup_fs(int fd) {
struct statfs s;
if (fstatfs(fd, &s) < 0)
return -errno;
return is_cgroup_fs(&s);
}
static const char *cgroup_controller_table[_CGROUP_CONTROLLER_MAX] = {
[CGROUP_CONTROLLER_CPU] = "cpu",
[CGROUP_CONTROLLER_CPUACCT] = "cpuacct",

4
src/basic/cgroup-util.h
View File

@ -23,6 +23,7 @@
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/statfs.h>
#include <sys/types.h>
#include "def.h"
@ -254,3 +255,6 @@ CGroupController cgroup_controller_from_string(const char *s) _pure_;
int cg_weight_parse(const char *s, uint64_t *ret);
int cg_cpu_shares_parse(const char *s, uint64_t *ret);
int cg_blkio_weight_parse(const char *s, uint64_t *ret);
bool is_cgroup_fs(const struct statfs *s);
bool fd_is_cgroup_fs(int fd);

14
src/basic/rm-rf.c
View File

@ -27,6 +27,7 @@
#include <unistd.h>
#include "btrfs-util.h"
#include "cgroup-util.h"
#include "fd-util.h"
#include "log.h"
#include "macro.h"
@ -36,9 +37,14 @@
#include "stat-util.h"
#include "string-util.h"
static bool is_physical_fs(const struct statfs *sfs) {
return !is_temporary_fs(sfs) && !is_cgroup_fs(sfs);
}
int rm_rf_children(int fd, RemoveFlags flags, struct stat *root_dev) {
_cleanup_closedir_ DIR *d = NULL;
int ret = 0, r;
struct statfs sfs;
assert(fd >= 0);
@ -47,13 +53,13 @@ int rm_rf_children(int fd, RemoveFlags flags, struct stat *root_dev) {
if (!(flags & REMOVE_PHYSICAL)) {
r = fd_is_temporary_fs(fd);
r = fstatfs(fd, &sfs);
if (r < 0) {
safe_close(fd);
return r;
return -errno;
}
if (!r) {
if (is_physical_fs(&sfs)) {
/* We refuse to clean physical file systems
* with this call, unless explicitly
* requested. This is extra paranoia just to
@ -210,7 +216,7 @@ int rm_rf(const char *path, RemoveFlags flags) {
if (statfs(path, &s) < 0)
return -errno;
if (!is_temporary_fs(&s)) {
if (is_physical_fs(&s)) {
log_error("Attempted to remove disk file system, and we can't allow that.");
return -EPERM;
}

53
src/nspawn/nspawn-cgroup.c
View File

@ -25,27 +25,18 @@
#include "mkdir.h"
#include "mount-util.h"
#include "nspawn-cgroup.h"
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
#include "util.h"
int chown_cgroup(pid_t pid, uid_t uid_shift) {
_cleanup_free_ char *path = NULL, *fs = NULL;
static int chown_cgroup_path(const char *path, uid_t uid_shift) {
_cleanup_close_ int fd = -1;
const char *fn;
int r;
r = cg_pid_get_path(NULL, pid, &path);
if (r < 0)
return log_error_errno(r, "Failed to get container cgroup path: %m");
r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, path, NULL, &fs);
if (r < 0)
return log_error_errno(r, "Failed to get file system path for container cgroup: %m");
fd = open(fs, O_RDONLY|O_CLOEXEC|O_DIRECTORY);
fd = open(path, O_RDONLY|O_CLOEXEC|O_DIRECTORY);
if (fd < 0)
return log_error_errno(errno, "Failed to open %s: %m", fs);
return -errno;
FOREACH_STRING(fn,
".",
@ -63,7 +54,27 @@ int chown_cgroup(pid_t pid, uid_t uid_shift) {
return 0;
}
int sync_cgroup(pid_t pid, CGroupUnified unified_requested) {
int chown_cgroup(pid_t pid, uid_t uid_shift) {
_cleanup_free_ char *path = NULL, *fs = NULL;
_cleanup_close_ int fd = -1;
int r;
r = cg_pid_get_path(NULL, pid, &path);
if (r < 0)
return log_error_errno(r, "Failed to get container cgroup path: %m");
r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, path, NULL, &fs);
if (r < 0)
return log_error_errno(r, "Failed to get file system path for container cgroup: %m");
r = chown_cgroup_path(fs, uid_shift);
if (r < 0)
return log_error_errno(r, "Failed to chown() cgroup %s: %m", fs);
return 0;
}
int sync_cgroup(pid_t pid, CGroupUnified unified_requested, uid_t arg_uid_shift) {
_cleanup_free_ char *cgroup = NULL;
char tree[] = "/tmp/unifiedXXXXXX", pid_string[DECIMAL_STR_MAX(pid) + 1];
bool undo_mount = false;
@ -101,14 +112,26 @@ int sync_cgroup(pid_t pid, CGroupUnified unified_requested) {
undo_mount = true;
/* If nspawn dies abruptly the cgroup hierarchy created below
* its unit isn't cleaned up. So, let's remove it
* https://github.com/systemd/systemd/pull/4223#issuecomment-252519810 */
fn = strjoina(tree, cgroup);
(void) rm_rf(fn, REMOVE_ROOT|REMOVE_ONLY_DIRECTORIES);
fn = strjoina(tree, cgroup, "/cgroup.procs");
(void) mkdir_parents(fn, 0755);
sprintf(pid_string, PID_FMT, pid);
r = write_string_file(fn, pid_string, 0);
if (r < 0)
if (r < 0) {
log_error_errno(r, "Failed to move process: %m");
goto finish;
}
fn = strjoina(tree, cgroup);
r = chown_cgroup_path(fn, arg_uid_shift);
if (r < 0)
log_error_errno(r, "Failed to chown() cgroup %s: %m", fn);
finish:
if (undo_mount)
(void) umount_verbose(tree);

2
src/nspawn/nspawn-cgroup.h
View File

@ -25,5 +25,5 @@
#include "cgroup-util.h"
int chown_cgroup(pid_t pid, uid_t uid_shift);
int sync_cgroup(pid_t pid, CGroupUnified unified_requested);
int sync_cgroup(pid_t pid, CGroupUnified unified_requested, uid_t uid_shift);
int create_subcgroup(pid_t pid, CGroupUnified unified_requested);

2
src/nspawn/nspawn.c
View File

@ -3879,7 +3879,7 @@ static int run(int master,
return r;
}
r = sync_cgroup(*pid, arg_unified_cgroup_hierarchy);
r = sync_cgroup(*pid, arg_unified_cgroup_hierarchy, arg_uid_shift);
if (r < 0)
return r;

25
src/test/test-cgroup-util.c
View File

@ -24,6 +24,7 @@
#include "formats-util.h"
#include "parse-util.h"
#include "process-util.h"
#include "stat-util.h"
#include "string-util.h"
#include "test-helper.h"
#include "user-util.h"
@ -309,6 +310,28 @@ static void test_mask_supported(void) {
printf("'%s' is supported: %s\n", cgroup_controller_to_string(c), yes_no(m & CGROUP_CONTROLLER_TO_MASK(c)));
}
static void test_is_cgroup_fs(void) {
struct statfs sfs;
assert_se(statfs("/sys/fs/cgroup", &sfs) == 0);
if (is_temporary_fs(&sfs))
assert_se(statfs("/sys/fs/cgroup/systemd", &sfs) == 0);
assert_se(is_cgroup_fs(&sfs));
}
static void test_fd_is_cgroup_fs(void) {
int fd;
fd = open("/sys/fs/cgroup", O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
assert_se(fd >= 0);
if (fd_is_temporary_fs(fd)) {
fd = safe_close(fd);
fd = open("/sys/fs/cgroup/systemd", O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
assert_se(fd >= 0);
}
assert_se(fd_is_cgroup_fs(fd));
fd = safe_close(fd);
}
int main(void) {
test_path_decode_unit();
test_path_get_unit();
@ -324,6 +347,8 @@ int main(void) {
test_slice_to_path();
test_shift_path();
TEST_REQ_RUNNING_SYSTEMD(test_mask_supported());
TEST_REQ_RUNNING_SYSTEMD(test_is_cgroup_fs());
TEST_REQ_RUNNING_SYSTEMD(test_fd_is_cgroup_fs());
return 0;
}