| /* SPDX-License-Identifier: LGPL-2.1+ */ |
| #pragma once |
| |
| /*** |
| This file is part of systemd. |
| |
| Copyright 2013 Lennart Poettering |
| |
| systemd is free software; you can redistribute it and/or modify it |
| under the terms of the GNU Lesser General Public License as published by |
| the Free Software Foundation; either version 2.1 of the License, or |
| (at your option) any later version. |
| |
| systemd is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| Lesser General Public License for more details. |
| |
| You should have received a copy of the GNU Lesser General Public License |
| along with systemd; If not, see <http://www.gnu.org/licenses/>. |
| ***/ |
| |
| #include <stdbool.h> |
| |
| #include "cgroup-util.h" |
| #include "ip-address-access.h" |
| #include "list.h" |
| #include "time-util.h" |
| |
| typedef struct CGroupContext CGroupContext; |
| typedef struct CGroupDeviceAllow CGroupDeviceAllow; |
| typedef struct CGroupIODeviceWeight CGroupIODeviceWeight; |
| typedef struct CGroupIODeviceLimit CGroupIODeviceLimit; |
| typedef struct CGroupBlockIODeviceWeight CGroupBlockIODeviceWeight; |
| typedef struct CGroupBlockIODeviceBandwidth CGroupBlockIODeviceBandwidth; |
| |
| typedef enum CGroupDevicePolicy { |
| |
| /* When devices listed, will allow those, plus built-in ones, |
| if none are listed will allow everything. */ |
| CGROUP_AUTO, |
| |
| /* Everything forbidden, except built-in ones and listed ones. */ |
| CGROUP_CLOSED, |
| |
| /* Everythings forbidden, except for the listed devices */ |
| CGROUP_STRICT, |
| |
| _CGROUP_DEVICE_POLICY_MAX, |
| _CGROUP_DEVICE_POLICY_INVALID = -1 |
| } CGroupDevicePolicy; |
| |
| struct CGroupDeviceAllow { |
| LIST_FIELDS(CGroupDeviceAllow, device_allow); |
| char *path; |
| bool r:1; |
| bool w:1; |
| bool m:1; |
| }; |
| |
| struct CGroupIODeviceWeight { |
| LIST_FIELDS(CGroupIODeviceWeight, device_weights); |
| char *path; |
| uint64_t weight; |
| }; |
| |
| struct CGroupIODeviceLimit { |
| LIST_FIELDS(CGroupIODeviceLimit, device_limits); |
| char *path; |
| uint64_t limits[_CGROUP_IO_LIMIT_TYPE_MAX]; |
| }; |
| |
| struct CGroupBlockIODeviceWeight { |
| LIST_FIELDS(CGroupBlockIODeviceWeight, device_weights); |
| char *path; |
| uint64_t weight; |
| }; |
| |
| struct CGroupBlockIODeviceBandwidth { |
| LIST_FIELDS(CGroupBlockIODeviceBandwidth, device_bandwidths); |
| char *path; |
| uint64_t rbps; |
| uint64_t wbps; |
| }; |
| |
| struct CGroupContext { |
| bool cpu_accounting; |
| bool io_accounting; |
| bool blockio_accounting; |
| bool memory_accounting; |
| bool tasks_accounting; |
| bool ip_accounting; |
| |
| /* For unified hierarchy */ |
| uint64_t cpu_weight; |
| uint64_t startup_cpu_weight; |
| usec_t cpu_quota_per_sec_usec; |
| |
| uint64_t io_weight; |
| uint64_t startup_io_weight; |
| LIST_HEAD(CGroupIODeviceWeight, io_device_weights); |
| LIST_HEAD(CGroupIODeviceLimit, io_device_limits); |
| |
| uint64_t memory_low; |
| uint64_t memory_high; |
| uint64_t memory_max; |
| uint64_t memory_swap_max; |
| |
| LIST_HEAD(IPAddressAccessItem, ip_address_allow); |
| LIST_HEAD(IPAddressAccessItem, ip_address_deny); |
| |
| /* For legacy hierarchies */ |
| uint64_t cpu_shares; |
| uint64_t startup_cpu_shares; |
| |
| uint64_t blockio_weight; |
| uint64_t startup_blockio_weight; |
| LIST_HEAD(CGroupBlockIODeviceWeight, blockio_device_weights); |
| LIST_HEAD(CGroupBlockIODeviceBandwidth, blockio_device_bandwidths); |
| |
| uint64_t memory_limit; |
| |
| CGroupDevicePolicy device_policy; |
| LIST_HEAD(CGroupDeviceAllow, device_allow); |
| |
| /* Common */ |
| uint64_t tasks_max; |
| |
| bool delegate; |
| CGroupMask delegate_controllers; |
| }; |
| |
| /* Used when querying IP accounting data */ |
| typedef enum CGroupIPAccountingMetric { |
| CGROUP_IP_INGRESS_BYTES, |
| CGROUP_IP_INGRESS_PACKETS, |
| CGROUP_IP_EGRESS_BYTES, |
| CGROUP_IP_EGRESS_PACKETS, |
| _CGROUP_IP_ACCOUNTING_METRIC_MAX, |
| _CGROUP_IP_ACCOUNTING_METRIC_INVALID = -1, |
| } CGroupIPAccountingMetric; |
| |
| #include "unit.h" |
| |
| void cgroup_context_init(CGroupContext *c); |
| void cgroup_context_done(CGroupContext *c); |
| void cgroup_context_dump(CGroupContext *c, FILE* f, const char *prefix); |
| |
| CGroupMask cgroup_context_get_mask(CGroupContext *c); |
| |
| void cgroup_context_free_device_allow(CGroupContext *c, CGroupDeviceAllow *a); |
| void cgroup_context_free_io_device_weight(CGroupContext *c, CGroupIODeviceWeight *w); |
| void cgroup_context_free_io_device_limit(CGroupContext *c, CGroupIODeviceLimit *l); |
| void cgroup_context_free_blockio_device_weight(CGroupContext *c, CGroupBlockIODeviceWeight *w); |
| void cgroup_context_free_blockio_device_bandwidth(CGroupContext *c, CGroupBlockIODeviceBandwidth *b); |
| |
| CGroupMask unit_get_own_mask(Unit *u); |
| CGroupMask unit_get_delegate_mask(Unit *u); |
| CGroupMask unit_get_members_mask(Unit *u); |
| CGroupMask unit_get_siblings_mask(Unit *u); |
| CGroupMask unit_get_subtree_mask(Unit *u); |
| |
| CGroupMask unit_get_target_mask(Unit *u); |
| CGroupMask unit_get_enable_mask(Unit *u); |
| |
| bool unit_get_needs_bpf(Unit *u); |
| |
| void unit_update_cgroup_members_masks(Unit *u); |
| |
| char *unit_default_cgroup_path(Unit *u); |
| int unit_set_cgroup_path(Unit *u, const char *path); |
| int unit_pick_cgroup_path(Unit *u); |
| |
| int unit_realize_cgroup(Unit *u); |
| void unit_release_cgroup(Unit *u); |
| void unit_prune_cgroup(Unit *u); |
| int unit_watch_cgroup(Unit *u); |
| |
| void unit_add_to_cgroup_empty_queue(Unit *u); |
| |
| int unit_attach_pids_to_cgroup(Unit *u); |
| |
| int manager_setup_cgroup(Manager *m); |
| void manager_shutdown_cgroup(Manager *m, bool delete); |
| |
| unsigned manager_dispatch_cgroup_realize_queue(Manager *m); |
| |
| Unit *manager_get_unit_by_cgroup(Manager *m, const char *cgroup); |
| Unit *manager_get_unit_by_pid_cgroup(Manager *m, pid_t pid); |
| Unit* manager_get_unit_by_pid(Manager *m, pid_t pid); |
| |
| int unit_search_main_pid(Unit *u, pid_t *ret); |
| int unit_watch_all_pids(Unit *u); |
| |
| int unit_get_memory_current(Unit *u, uint64_t *ret); |
| int unit_get_tasks_current(Unit *u, uint64_t *ret); |
| int unit_get_cpu_usage(Unit *u, nsec_t *ret); |
| int unit_get_ip_accounting(Unit *u, CGroupIPAccountingMetric metric, uint64_t *ret); |
| |
| int unit_reset_cpu_accounting(Unit *u); |
| int unit_reset_ip_accounting(Unit *u); |
| |
| #define UNIT_CGROUP_BOOL(u, name) \ |
| ({ \ |
| CGroupContext *cc = unit_get_cgroup_context(u); \ |
| cc ? cc->name : false; \ |
| }) |
| |
| int manager_notify_cgroup_empty(Manager *m, const char *group); |
| |
| void unit_invalidate_cgroup(Unit *u, CGroupMask m); |
| void unit_invalidate_cgroup_bpf(Unit *u); |
| |
| void manager_invalidate_startup_units(Manager *m); |
| |
| const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_; |
| CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_; |