1 /* SPDX-License-Identifier: LGPL-2.1+ */
5 This file is part of systemd.
7 Copyright 2013 Lennart Poettering
9 systemd is free software; you can redistribute it and/or modify it
10 under the terms of the GNU Lesser General Public License as published by
11 the Free Software Foundation; either version 2.1 of the License, or
12 (at your option) any later version.
14 systemd is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
19 You should have received a copy of the GNU Lesser General Public License
20 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include "cgroup-util.h"
26 #include "ip-address-access.h"
28 #include "time-util.h"
30 typedef struct CGroupContext CGroupContext
;
31 typedef struct CGroupDeviceAllow CGroupDeviceAllow
;
32 typedef struct CGroupIODeviceWeight CGroupIODeviceWeight
;
33 typedef struct CGroupIODeviceLimit CGroupIODeviceLimit
;
34 typedef struct CGroupBlockIODeviceWeight CGroupBlockIODeviceWeight
;
35 typedef struct CGroupBlockIODeviceBandwidth CGroupBlockIODeviceBandwidth
;
37 typedef enum CGroupDevicePolicy
{
39 /* When devices listed, will allow those, plus built-in ones,
40 if none are listed will allow everything. */
43 /* Everything forbidden, except built-in ones and listed ones. */
46 /* Everythings forbidden, except for the listed devices */
49 _CGROUP_DEVICE_POLICY_MAX
,
50 _CGROUP_DEVICE_POLICY_INVALID
= -1
53 struct CGroupDeviceAllow
{
54 LIST_FIELDS(CGroupDeviceAllow
, device_allow
);
61 struct CGroupIODeviceWeight
{
62 LIST_FIELDS(CGroupIODeviceWeight
, device_weights
);
67 struct CGroupIODeviceLimit
{
68 LIST_FIELDS(CGroupIODeviceLimit
, device_limits
);
70 uint64_t limits
[_CGROUP_IO_LIMIT_TYPE_MAX
];
73 struct CGroupBlockIODeviceWeight
{
74 LIST_FIELDS(CGroupBlockIODeviceWeight
, device_weights
);
79 struct CGroupBlockIODeviceBandwidth
{
80 LIST_FIELDS(CGroupBlockIODeviceBandwidth
, device_bandwidths
);
86 struct CGroupContext
{
89 bool blockio_accounting
;
90 bool memory_accounting
;
91 bool tasks_accounting
;
94 /* For unified hierarchy */
96 uint64_t startup_cpu_weight
;
97 usec_t cpu_quota_per_sec_usec
;
100 uint64_t startup_io_weight
;
101 LIST_HEAD(CGroupIODeviceWeight
, io_device_weights
);
102 LIST_HEAD(CGroupIODeviceLimit
, io_device_limits
);
105 uint64_t memory_high
;
107 uint64_t memory_swap_max
;
109 LIST_HEAD(IPAddressAccessItem
, ip_address_allow
);
110 LIST_HEAD(IPAddressAccessItem
, ip_address_deny
);
112 /* For legacy hierarchies */
114 uint64_t startup_cpu_shares
;
116 uint64_t blockio_weight
;
117 uint64_t startup_blockio_weight
;
118 LIST_HEAD(CGroupBlockIODeviceWeight
, blockio_device_weights
);
119 LIST_HEAD(CGroupBlockIODeviceBandwidth
, blockio_device_bandwidths
);
121 uint64_t memory_limit
;
123 CGroupDevicePolicy device_policy
;
124 LIST_HEAD(CGroupDeviceAllow
, device_allow
);
130 CGroupMask delegate_controllers
;
133 /* Used when querying IP accounting data */
134 typedef enum CGroupIPAccountingMetric
{
135 CGROUP_IP_INGRESS_BYTES
,
136 CGROUP_IP_INGRESS_PACKETS
,
137 CGROUP_IP_EGRESS_BYTES
,
138 CGROUP_IP_EGRESS_PACKETS
,
139 _CGROUP_IP_ACCOUNTING_METRIC_MAX
,
140 _CGROUP_IP_ACCOUNTING_METRIC_INVALID
= -1,
141 } CGroupIPAccountingMetric
;
145 void cgroup_context_init(CGroupContext
*c
);
146 void cgroup_context_done(CGroupContext
*c
);
147 void cgroup_context_dump(CGroupContext
*c
, FILE* f
, const char *prefix
);
149 CGroupMask
cgroup_context_get_mask(CGroupContext
*c
);
151 void cgroup_context_free_device_allow(CGroupContext
*c
, CGroupDeviceAllow
*a
);
152 void cgroup_context_free_io_device_weight(CGroupContext
*c
, CGroupIODeviceWeight
*w
);
153 void cgroup_context_free_io_device_limit(CGroupContext
*c
, CGroupIODeviceLimit
*l
);
154 void cgroup_context_free_blockio_device_weight(CGroupContext
*c
, CGroupBlockIODeviceWeight
*w
);
155 void cgroup_context_free_blockio_device_bandwidth(CGroupContext
*c
, CGroupBlockIODeviceBandwidth
*b
);
157 CGroupMask
unit_get_own_mask(Unit
*u
);
158 CGroupMask
unit_get_delegate_mask(Unit
*u
);
159 CGroupMask
unit_get_members_mask(Unit
*u
);
160 CGroupMask
unit_get_siblings_mask(Unit
*u
);
161 CGroupMask
unit_get_subtree_mask(Unit
*u
);
163 CGroupMask
unit_get_target_mask(Unit
*u
);
164 CGroupMask
unit_get_enable_mask(Unit
*u
);
166 bool unit_get_needs_bpf(Unit
*u
);
168 void unit_update_cgroup_members_masks(Unit
*u
);
170 char *unit_default_cgroup_path(Unit
*u
);
171 int unit_set_cgroup_path(Unit
*u
, const char *path
);
172 int unit_pick_cgroup_path(Unit
*u
);
174 int unit_realize_cgroup(Unit
*u
);
175 void unit_release_cgroup(Unit
*u
);
176 void unit_prune_cgroup(Unit
*u
);
177 int unit_watch_cgroup(Unit
*u
);
179 void unit_add_to_cgroup_empty_queue(Unit
*u
);
181 int unit_attach_pids_to_cgroup(Unit
*u
);
183 int manager_setup_cgroup(Manager
*m
);
184 void manager_shutdown_cgroup(Manager
*m
, bool delete);
186 unsigned manager_dispatch_cgroup_realize_queue(Manager
*m
);
188 Unit
*manager_get_unit_by_cgroup(Manager
*m
, const char *cgroup
);
189 Unit
*manager_get_unit_by_pid_cgroup(Manager
*m
, pid_t pid
);
190 Unit
* manager_get_unit_by_pid(Manager
*m
, pid_t pid
);
192 int unit_search_main_pid(Unit
*u
, pid_t
*ret
);
193 int unit_watch_all_pids(Unit
*u
);
195 int unit_get_memory_current(Unit
*u
, uint64_t *ret
);
196 int unit_get_tasks_current(Unit
*u
, uint64_t *ret
);
197 int unit_get_cpu_usage(Unit
*u
, nsec_t
*ret
);
198 int unit_get_ip_accounting(Unit
*u
, CGroupIPAccountingMetric metric
, uint64_t *ret
);
200 int unit_reset_cpu_accounting(Unit
*u
);
201 int unit_reset_ip_accounting(Unit
*u
);
203 #define UNIT_CGROUP_BOOL(u, name) \
205 CGroupContext *cc = unit_get_cgroup_context(u); \
206 cc ? cc->name : false; \
209 int manager_notify_cgroup_empty(Manager
*m
, const char *group
);
211 void unit_invalidate_cgroup(Unit
*u
, CGroupMask m
);
212 void unit_invalidate_cgroup_bpf(Unit
*u
);
214 void manager_invalidate_startup_units(Manager
*m
);
216 const char* cgroup_device_policy_to_string(CGroupDevicePolicy i
) _const_
;
217 CGroupDevicePolicy
cgroup_device_policy_from_string(const char *s
) _pure_
;