]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/scope.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #17732 from yuwata/core-use-synthetic_errno
[thirdparty/systemd.git] / src / core / scope.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <errno.h>
4 #include <unistd.h>
5
6 #include "alloc-util.h"
7 #include "dbus-scope.h"
8 #include "dbus-unit.h"
9 #include "load-dropin.h"
10 #include "log.h"
11 #include "process-util.h"
12 #include "scope.h"
13 #include "serialize.h"
14 #include "special.h"
15 #include "string-table.h"
16 #include "string-util.h"
17 #include "strv.h"
18 #include "unit-name.h"
19 #include "unit.h"
20
21 static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
22 [SCOPE_DEAD] = UNIT_INACTIVE,
23 [SCOPE_RUNNING] = UNIT_ACTIVE,
24 [SCOPE_ABANDONED] = UNIT_ACTIVE,
25 [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
26 [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
27 [SCOPE_FAILED] = UNIT_FAILED
28 };
29
30 static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
31
32 static void scope_init(Unit *u) {
33 Scope *s = SCOPE(u);
34
35 assert(u);
36 assert(u->load_state == UNIT_STUB);
37
38 s->runtime_max_usec = USEC_INFINITY;
39 s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
40 u->ignore_on_isolate = true;
41 }
42
43 static void scope_done(Unit *u) {
44 Scope *s = SCOPE(u);
45
46 assert(u);
47
48 s->controller = mfree(s->controller);
49 s->controller_track = sd_bus_track_unref(s->controller_track);
50
51 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
52 }
53
54 static int scope_arm_timer(Scope *s, usec_t usec) {
55 int r;
56
57 assert(s);
58
59 if (s->timer_event_source) {
60 r = sd_event_source_set_time(s->timer_event_source, usec);
61 if (r < 0)
62 return r;
63
64 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
65 }
66
67 if (usec == USEC_INFINITY)
68 return 0;
69
70 r = sd_event_add_time(
71 UNIT(s)->manager->event,
72 &s->timer_event_source,
73 CLOCK_MONOTONIC,
74 usec, 0,
75 scope_dispatch_timer, s);
76 if (r < 0)
77 return r;
78
79 (void) sd_event_source_set_description(s->timer_event_source, "scope-timer");
80
81 return 0;
82 }
83
84 static void scope_set_state(Scope *s, ScopeState state) {
85 ScopeState old_state;
86 assert(s);
87
88 if (s->state != state)
89 bus_unit_send_pending_change_signal(UNIT(s), false);
90
91 old_state = s->state;
92 s->state = state;
93
94 if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
95 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
96
97 if (IN_SET(state, SCOPE_DEAD, SCOPE_FAILED)) {
98 unit_unwatch_all_pids(UNIT(s));
99 unit_dequeue_rewatch_pids(UNIT(s));
100 }
101
102 if (state != old_state)
103 log_debug("%s changed %s -> %s", UNIT(s)->id, scope_state_to_string(old_state), scope_state_to_string(state));
104
105 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], 0);
106 }
107
108 static int scope_add_default_dependencies(Scope *s) {
109 int r;
110
111 assert(s);
112
113 if (!UNIT(s)->default_dependencies)
114 return 0;
115
116 /* Make sure scopes are unloaded on shutdown */
117 r = unit_add_two_dependencies_by_name(
118 UNIT(s),
119 UNIT_BEFORE, UNIT_CONFLICTS,
120 SPECIAL_SHUTDOWN_TARGET, true,
121 UNIT_DEPENDENCY_DEFAULT);
122 if (r < 0)
123 return r;
124
125 return 0;
126 }
127
128 static int scope_verify(Scope *s) {
129 assert(s);
130 assert(UNIT(s)->load_state == UNIT_LOADED);
131
132 if (set_isempty(UNIT(s)->pids) &&
133 !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
134 !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
135 return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOENT), "Scope has no PIDs. Refusing.");
136
137 return 0;
138 }
139
140 static int scope_load_init_scope(Unit *u) {
141 assert(u);
142
143 if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
144 return 0;
145
146 u->transient = true;
147 u->perpetual = true;
148
149 /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
150 * synthesize it here, instead of relying on the unit file on disk. */
151
152 u->default_dependencies = false;
153
154 /* Prettify things, if we can. */
155 if (!u->description)
156 u->description = strdup("System and Service Manager");
157 if (!u->documentation)
158 (void) strv_extend(&u->documentation, "man:systemd(1)");
159
160 return 1;
161 }
162
163 static int scope_add_extras(Scope *s) {
164 int r;
165
166 r = unit_patch_contexts(UNIT(s));
167 if (r < 0)
168 return r;
169
170 r = unit_set_default_slice(UNIT(s));
171 if (r < 0)
172 return r;
173
174 return scope_add_default_dependencies(s);
175 }
176
177 static int scope_load(Unit *u) {
178 Scope *s = SCOPE(u);
179 int r;
180
181 assert(s);
182 assert(u->load_state == UNIT_STUB);
183
184 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
185 /* Refuse to load non-transient scope units, but allow them while reloading. */
186 return -ENOENT;
187
188 r = scope_load_init_scope(u);
189 if (r < 0)
190 return r;
191
192 r = unit_load_fragment_and_dropin(u, false);
193 if (r < 0)
194 return r;
195
196 if (u->load_state != UNIT_LOADED)
197 return 0;
198
199 r = scope_add_extras(s);
200 if (r < 0)
201 return r;
202
203 return scope_verify(s);
204 }
205
206 static usec_t scope_coldplug_timeout(Scope *s) {
207 assert(s);
208
209 switch (s->deserialized_state) {
210
211 case SCOPE_RUNNING:
212 return usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec);
213
214 case SCOPE_STOP_SIGKILL:
215 case SCOPE_STOP_SIGTERM:
216 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
217
218 default:
219 return USEC_INFINITY;
220 }
221 }
222
223 static int scope_coldplug(Unit *u) {
224 Scope *s = SCOPE(u);
225 int r;
226
227 assert(s);
228 assert(s->state == SCOPE_DEAD);
229
230 if (s->deserialized_state == s->state)
231 return 0;
232
233 r = scope_arm_timer(s, scope_coldplug_timeout(s));
234 if (r < 0)
235 return r;
236
237 if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED)) {
238 if (u->pids) {
239 void *pidp;
240
241 SET_FOREACH(pidp, u->pids) {
242 r = unit_watch_pid(u, PTR_TO_PID(pidp), false);
243 if (r < 0 && r != -EEXIST)
244 return r;
245 }
246 } else
247 (void) unit_enqueue_rewatch_pids(u);
248 }
249
250 bus_scope_track_controller(s);
251
252 scope_set_state(s, s->deserialized_state);
253 return 0;
254 }
255
256 static void scope_dump(Unit *u, FILE *f, const char *prefix) {
257 Scope *s = SCOPE(u);
258 char buf_runtime[FORMAT_TIMESPAN_MAX];
259
260 assert(s);
261 assert(f);
262
263 fprintf(f,
264 "%sScope State: %s\n"
265 "%sResult: %s\n"
266 "%sRuntimeMaxSec: %s\n",
267 prefix, scope_state_to_string(s->state),
268 prefix, scope_result_to_string(s->result),
269 prefix, format_timespan(buf_runtime, sizeof(buf_runtime), s->runtime_max_usec, USEC_PER_SEC));
270
271 cgroup_context_dump(UNIT(s), f, prefix);
272 kill_context_dump(&s->kill_context, f, prefix);
273 }
274
275 static void scope_enter_dead(Scope *s, ScopeResult f) {
276 assert(s);
277
278 if (s->result == SCOPE_SUCCESS)
279 s->result = f;
280
281 unit_log_result(UNIT(s), s->result == SCOPE_SUCCESS, scope_result_to_string(s->result));
282 scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
283 }
284
285 static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
286 bool skip_signal = false;
287 int r;
288
289 assert(s);
290
291 if (s->result == SCOPE_SUCCESS)
292 s->result = f;
293
294 /* Before sending any signal, make sure we track all members of this cgroup */
295 (void) unit_watch_all_pids(UNIT(s));
296
297 /* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
298 * died now */
299 (void) unit_enqueue_rewatch_pids(UNIT(s));
300
301 /* If we have a controller set let's ask the controller nicely to terminate the scope, instead of us going
302 * directly into SIGTERM berserk mode */
303 if (state == SCOPE_STOP_SIGTERM)
304 skip_signal = bus_scope_send_request_stop(s) > 0;
305
306 if (skip_signal)
307 r = 1; /* wait */
308 else {
309 r = unit_kill_context(
310 UNIT(s),
311 &s->kill_context,
312 state != SCOPE_STOP_SIGTERM ? KILL_KILL :
313 s->was_abandoned ? KILL_TERMINATE_AND_LOG :
314 KILL_TERMINATE,
315 -1, -1, false);
316 if (r < 0)
317 goto fail;
318 }
319
320 if (r > 0) {
321 r = scope_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
322 if (r < 0)
323 goto fail;
324
325 scope_set_state(s, state);
326 } else if (state == SCOPE_STOP_SIGTERM)
327 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
328 else
329 scope_enter_dead(s, SCOPE_SUCCESS);
330
331 return;
332
333 fail:
334 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
335
336 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
337 }
338
339 static int scope_start(Unit *u) {
340 Scope *s = SCOPE(u);
341 int r;
342
343 assert(s);
344
345 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
346 return -EPERM;
347
348 if (s->state == SCOPE_FAILED)
349 return -EPERM;
350
351 /* We can't fulfill this right now, please try again later */
352 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
353 return -EAGAIN;
354
355 assert(s->state == SCOPE_DEAD);
356
357 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
358 return -ENOENT;
359
360 (void) bus_scope_track_controller(s);
361
362 r = unit_acquire_invocation_id(u);
363 if (r < 0)
364 return r;
365
366 (void) unit_realize_cgroup(u);
367 (void) unit_reset_accounting(u);
368
369 unit_export_state_files(u);
370
371 r = unit_attach_pids_to_cgroup(u, u->pids, NULL);
372 if (r < 0) {
373 log_unit_warning_errno(u, r, "Failed to add PIDs to scope's control group: %m");
374 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
375 return r;
376 }
377
378 /* Now u->pids have been moved into the scope cgroup, it's not needed
379 * anymore. */
380 u->pids = set_free(u->pids);
381
382 s->result = SCOPE_SUCCESS;
383
384 scope_set_state(s, SCOPE_RUNNING);
385
386 /* Set the maximum runtime timeout. */
387 scope_arm_timer(s, usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec));
388
389 /* Start watching the PIDs currently in the scope */
390 (void) unit_enqueue_rewatch_pids(u);
391 return 1;
392 }
393
394 static int scope_stop(Unit *u) {
395 Scope *s = SCOPE(u);
396
397 assert(s);
398
399 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
400 return 0;
401
402 assert(IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED));
403
404 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
405 return 1;
406 }
407
408 static void scope_reset_failed(Unit *u) {
409 Scope *s = SCOPE(u);
410
411 assert(s);
412
413 if (s->state == SCOPE_FAILED)
414 scope_set_state(s, SCOPE_DEAD);
415
416 s->result = SCOPE_SUCCESS;
417 }
418
419 static int scope_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
420 return unit_kill_common(u, who, signo, -1, -1, error);
421 }
422
423 static int scope_get_timeout(Unit *u, usec_t *timeout) {
424 Scope *s = SCOPE(u);
425 usec_t t;
426 int r;
427
428 if (!s->timer_event_source)
429 return 0;
430
431 r = sd_event_source_get_time(s->timer_event_source, &t);
432 if (r < 0)
433 return r;
434 if (t == USEC_INFINITY)
435 return 0;
436
437 *timeout = t;
438 return 1;
439 }
440
441 static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
442 Scope *s = SCOPE(u);
443 void *pidp;
444
445 assert(s);
446 assert(f);
447 assert(fds);
448
449 (void) serialize_item(f, "state", scope_state_to_string(s->state));
450 (void) serialize_bool(f, "was-abandoned", s->was_abandoned);
451
452 if (s->controller)
453 (void) serialize_item(f, "controller", s->controller);
454
455 SET_FOREACH(pidp, u->pids)
456 serialize_item_format(f, "pids", PID_FMT, PTR_TO_PID(pidp));
457
458 return 0;
459 }
460
461 static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
462 Scope *s = SCOPE(u);
463 int r;
464
465 assert(u);
466 assert(key);
467 assert(value);
468 assert(fds);
469
470 if (streq(key, "state")) {
471 ScopeState state;
472
473 state = scope_state_from_string(value);
474 if (state < 0)
475 log_unit_debug(u, "Failed to parse state value: %s", value);
476 else
477 s->deserialized_state = state;
478
479 } else if (streq(key, "was-abandoned")) {
480 int k;
481
482 k = parse_boolean(value);
483 if (k < 0)
484 log_unit_debug(u, "Failed to parse boolean value: %s", value);
485 else
486 s->was_abandoned = k;
487 } else if (streq(key, "controller")) {
488
489 r = free_and_strdup(&s->controller, value);
490 if (r < 0)
491 return log_oom();
492
493 } else if (streq(key, "pids")) {
494 pid_t pid;
495
496 if (parse_pid(value, &pid) < 0)
497 log_unit_debug(u, "Failed to parse pids value: %s", value);
498 else {
499 r = set_ensure_put(&u->pids, NULL, PID_TO_PTR(pid));
500 if (r < 0)
501 return r;
502 }
503 } else
504 log_unit_debug(u, "Unknown serialization key: %s", key);
505
506 return 0;
507 }
508
509 static void scope_notify_cgroup_empty_event(Unit *u) {
510 Scope *s = SCOPE(u);
511 assert(u);
512
513 log_unit_debug(u, "cgroup is empty");
514
515 if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
516 scope_enter_dead(s, SCOPE_SUCCESS);
517
518 /* If the cgroup empty notification comes when the unit is not active, we must have failed to clean
519 * up the cgroup earlier and should do it now. */
520 if (IN_SET(s->state, SCOPE_DEAD, SCOPE_FAILED))
521 unit_prune_cgroup(u);
522 }
523
524 static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
525 assert(u);
526
527 /* If we get a SIGCHLD event for one of the processes we were interested in, then we look for others to
528 * watch, under the assumption that we'll sooner or later get a SIGCHLD for them, as the original
529 * process we watched was probably the parent of them, and they are hence now our children. */
530
531 (void) unit_enqueue_rewatch_pids(u);
532 }
533
534 static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
535 Scope *s = SCOPE(userdata);
536
537 assert(s);
538 assert(s->timer_event_source == source);
539
540 switch (s->state) {
541
542 case SCOPE_RUNNING:
543 log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
544 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
545 break;
546
547 case SCOPE_STOP_SIGTERM:
548 if (s->kill_context.send_sigkill) {
549 log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
550 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
551 } else {
552 log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
553 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
554 }
555
556 break;
557
558 case SCOPE_STOP_SIGKILL:
559 log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
560 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
561 break;
562
563 default:
564 assert_not_reached("Timeout at wrong time.");
565 }
566
567 return 0;
568 }
569
570 int scope_abandon(Scope *s) {
571 assert(s);
572
573 if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
574 return -EPERM;
575
576 if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
577 return -ESTALE;
578
579 s->was_abandoned = true;
580
581 s->controller = mfree(s->controller);
582 s->controller_track = sd_bus_track_unref(s->controller_track);
583
584 scope_set_state(s, SCOPE_ABANDONED);
585
586 /* The client is no longer watching the remaining processes, so let's step in here, under the assumption that
587 * the remaining processes will be sooner or later reassigned to us as parent. */
588 (void) unit_enqueue_rewatch_pids(UNIT(s));
589
590 return 0;
591 }
592
593 _pure_ static UnitActiveState scope_active_state(Unit *u) {
594 assert(u);
595
596 return state_translation_table[SCOPE(u)->state];
597 }
598
599 _pure_ static const char *scope_sub_state_to_string(Unit *u) {
600 assert(u);
601
602 return scope_state_to_string(SCOPE(u)->state);
603 }
604
605 static void scope_enumerate_perpetual(Manager *m) {
606 Unit *u;
607 int r;
608
609 assert(m);
610
611 /* Let's unconditionally add the "init.scope" special unit
612 * that encapsulates PID 1. Note that PID 1 already is in the
613 * cgroup for this, we hence just need to allocate the object
614 * for it and that's it. */
615
616 u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
617 if (!u) {
618 r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
619 if (r < 0) {
620 log_error_errno(r, "Failed to allocate the special " SPECIAL_INIT_SCOPE " unit: %m");
621 return;
622 }
623 }
624
625 u->transient = true;
626 u->perpetual = true;
627 SCOPE(u)->deserialized_state = SCOPE_RUNNING;
628
629 unit_add_to_load_queue(u);
630 unit_add_to_dbus_queue(u);
631 }
632
633 static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
634 [SCOPE_SUCCESS] = "success",
635 [SCOPE_FAILURE_RESOURCES] = "resources",
636 [SCOPE_FAILURE_TIMEOUT] = "timeout",
637 };
638
639 DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
640
641 const UnitVTable scope_vtable = {
642 .object_size = sizeof(Scope),
643 .cgroup_context_offset = offsetof(Scope, cgroup_context),
644 .kill_context_offset = offsetof(Scope, kill_context),
645
646 .sections =
647 "Unit\0"
648 "Scope\0"
649 "Install\0",
650 .private_section = "Scope",
651
652 .can_transient = true,
653 .can_delegate = true,
654 .can_fail = true,
655 .once_only = true,
656 .can_set_managed_oom = true,
657
658 .init = scope_init,
659 .load = scope_load,
660 .done = scope_done,
661
662 .coldplug = scope_coldplug,
663
664 .dump = scope_dump,
665
666 .start = scope_start,
667 .stop = scope_stop,
668
669 .kill = scope_kill,
670
671 .freeze = unit_freeze_vtable_common,
672 .thaw = unit_thaw_vtable_common,
673
674 .get_timeout = scope_get_timeout,
675
676 .serialize = scope_serialize,
677 .deserialize_item = scope_deserialize_item,
678
679 .active_state = scope_active_state,
680 .sub_state_to_string = scope_sub_state_to_string,
681
682 .sigchld_event = scope_sigchld_event,
683
684 .reset_failed = scope_reset_failed,
685
686 .notify_cgroup_empty = scope_notify_cgroup_empty_event,
687
688 .bus_set_property = bus_scope_set_property,
689 .bus_commit_properties = bus_scope_commit_properties,
690
691 .enumerate_perpetual = scope_enumerate_perpetual,
692 };
Unnamed repository; edit this file 'description' to name the repository.