Kamalesh Babulal [Wed, 15 Feb 2023 19:05:06 +0000 (12:05 -0700)]
pybindings: Fix a build warning on Fedora
While building python bindings on Fedora 34, gcc 11.3.1 triggers a
build warning:
[1/1] Cythonizing libcgroup.pyx
In file included from /usr/include/bits/libc-header-start.h:33,
from /usr/include/limits.h:26,
from /usr/lib/gcc/x86_64-redhat-linux/11/include/limits.h:203,
from /usr/lib/gcc/x86_64-redhat-linux/11/include/syslimits.h:7,
from /usr/lib/gcc/x86_64-redhat-linux/11/include/limits.h:34,
from /usr/include/python3.9/Python.h:11,
from libcgroup.c:25:
/usr/include/features.h:397:4: warning: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp]
397 | # warning _FORTIFY_SOURCE requires compiling with optimization (-O)
| ^~~~~~~
the reason being the default compiler flags for c/c++ includes
'-Wp,-D_FORTIFY_SOURCE=2' and '-D_FORTIFY_SOURCE=2'. Whereas Ubuntu
compilers include '-D_FORTIFY_SOURCE=2' option only. This can be
fixed by adding '-O2' to the CPP Flags in the pybinding Makefile and
there is no side effect in both Fedora and Ubuntu because by default
'-D_FORTIFY_SOURCE=2' is included. The Ubuntu automatically auto
includes '-D_FORTIFY_SOURCE=2' when '-O2' is passed but here it's been
already explicitly passed.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:52:13 +0000 (07:52 +0000)]
ftests: Add a test to validate cgx{get,set} systemd options (cgroup v2)
Add a test case to validate cgx{get, set} tool's systemd options on
cgroup unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:15:40
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------------------
setup 0.00
070-sudo-systemd_cgxget-cpu-settings-v2.py 3.00
teardown 0.00
---------------------------------------------------------
Total Run Time
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:40:25 +0000 (07:40 +0000)]
ftests: Add a test to validate cgx{get,set} systemd options (cgroup v1)
Add a test case to validate cgx(get, set} tool's systemd options on
cgroup legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:09:43
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------------------
setup 0.00
069-sudo-systemd_cgxget-cpu-settings-v1.py 2.74
teardown 0.00
---------------------------------------------------------
Total Run Time 2.74
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:38:08 +0000 (07:38 +0000)]
ftests: Add a test to validate cgexec's systemd options (cgroup v2)
Add a test case to validate cgexec tool's systemd options on cgroup
unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 07:57:18
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------
setup 0.00
068-sudo-systemd_cgexec-v2.py 5.53
teardown 0.00
--------------------------------------------
Total Run Time 5.53
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:29:03 +0000 (07:29 +0000)]
ftests: Add a test to validate cgexec's systemd options (cgroup v1)
Add a test case to validate cgexec tool's systemd options on cgroup
legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 07:48:48
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------
setup 0.00
067-sudo-systemd_cgexec-v1.py 5.32
teardown 0.00
--------------------------------------------
Total Run Time 5.32
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 09:00:12 +0000 (14:30 +0530)]
ftests: Add a test to validate cgclassify's systemd options (cgroup v2)
Add a test case to validate cgclassify tool's systemd options on cgroup
unified mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 07:43:23
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
066-sudo-systemd_cgclassify-v2.py 7.57
teardown 0.00
------------------------------------------------
Total Run Time 7.57
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:49:16 +0000 (07:49 +0000)]
ftests: Add a test to validate cgclassify's systemd options (cgroup v1)
Add a test case to validate cgclassify tool's systemd options on cgroup
legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 06:51:38
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
065-sudo-systemd_cgclassify-v1.py 7.38
teardown 0.00
------------------------------------------------
Total Run Time 7.38
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:45:43 +0000 (06:45 +0000)]
ftests: Add to test to validate cgset's systemd options (cgroup v2)
Add a test case to validate cgset tool's systemd options on cgroup
unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 14:38:30
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------
setup 0.00
064-sudo-systemd_cgset-v2.py 2.33
teardown 0.00
-------------------------------------------
Total Run Time 2.33
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 10 Feb 2023 06:41:50 +0000 (06:41 +0000)]
ftests: Add to test to validate cgset's systemd options (cgroup v1)
Add a test case to validate cgset tool's systemd options on cgroup
legacy and hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 12:53:35
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------
setup 0.00
063-sudo-systemd_cgset-v1.py 2.20
teardown 0.00
-------------------------------------------
Total Run Time 2.20
[Kamalesh improvised on the original test case] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:37:07 +0000 (06:37 +0000)]
ftests: Add a test to validate cgget's systemd options (cgroup v2)
Add a test case to validate cgget tool's systemd options on cgroup
unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 12:00:26
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------------------
setup 0.00
062-sudo-g_flag_controller_only_systemd-v2.py 2.25
teardown 0.00
------------------------------------------------------------
Total Run Time 2.25
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 10 Feb 2023 06:31:16 +0000 (06:31 +0000)]
ftests: Add a test to validate cgget's systemd options (cgroup v1)
Add a test case to validate cgget tool's systemd options on cgroup
legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:42:19
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------------------
setup 0.00
061-sudo-g_flag_controller_only_systemd-v1.py 2.16
teardown 0.00
------------------------------------------------------------
Total Run Time 2.16
[Kamalesh improvised on the original test case] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:22:06 +0000 (06:22 +0000)]
ftests: Add a test to validate systemd configurations
Add a test case to parse test different combination of valid and invalid
systemd configurations.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:33:41
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------------
setup 0.00
060-sudo-cgconfigparser-systemd.py 4.31
teardown 0.00
-------------------------------------------------
Total Run Time 4.31
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:39:11 +0000 (06:39 +0000)]
tests/systemd - Add more helpers for cgroup delegation
Add more helpers to work with systemd cgroup delegation, this patch
adds:
- remove_scope_slice_conf() to remove the cgconfig file created and
remove the scope cgroup and slice cgroups.
- write_config_with_pid() to write a cgconfig file with the systemd
configurations.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:02:42 +0000 (06:02 +0000)]
tests/cgroup - Add more helpers for cgroup delegation
Add more helpers to work with systemd cgroup delegation, this patch
adds:
- create_and_validate() to create cgroups and validate if they were
created under the delegate systemd subtree.
- exists() is called by create_and_validate() to perform the
validation part.
Suggested-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 2 Feb 2023 13:39:42 +0000 (13:39 +0000)]
ftests: Add ignore_systemd support to the CLI tools
Add ignore_systemd support (-b flag) to the CLI tools in the functional
tests, so that the functions calling the CLI tools are aware of the
delegated systemd subtree support in the tools and switch between cgroup
controllers root and systemd subtree using -b switch.
[Kamalesh extended the -b flags to some of the CLI tools] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 05:45:22 +0000 (05:45 +0000)]
tests/cgroup: Add None as controller get_controller_mount_point()
Cgroup hybrid/unified setup modes support creating cgroups without
attaching them to any controller. Enhance get_controller_mount_point()
to support 'None' as a valid controller and return a mount point.
Kamalesh Babulal [Tue, 31 Jan 2023 06:24:37 +0000 (06:24 +0000)]
tools/cgexec: add support for default systemd delegation slice/scope
Enhance the cgexec tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any, and
set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:43 +0000 (14:13 +0000)]
tools/cgclassify: add support for default systemd delegation slice/scope
Enhance the cgclassify tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if
any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:38 +0000 (14:13 +0000)]
tools/lscgroup: add support for default systemd delegation slice/scope
Enhance the lscgroup tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if
any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:35 +0000 (14:13 +0000)]
tools/cgcreate: add support for default systemd delegation slice/scope
Enhance the cgcreate tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if
any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
tools/cgxset add support for default systemd delegation slice/scope
Enhance the cgxset tool to support default systemd delegation slice/scope,
if set in the cgconfig.conf's systemd setting. Parse the configuration
file and read the systemd::delegate setting, if any, and set it as
the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to set
controller::value in a cgroup under another subtree or cgroup root
hierarchy, they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
tools/cgxget: add support for default systemd delegation slice/scope
Enhance the cgxget tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any, and
set it as the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to get
details about the cgroups in another subtree or cgroup root hierarchy,
they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
$ sudo cgxget -1 -r cpu.shares cgrp-d1
will display the cpu controller information under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for viewing the cpu controller information of cgrp1, the user
can use:
$ sudo cgxget -1 -r cpu.shares /cgrp1
or use the newly introduced -b switch to ignore the systemd
slice/scope:
$ sudo cgxget -b -1 -r cpu.shares /cgrp1
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor typo in a comment where delegate was written instead
of setdefault
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:27 +0000 (14:13 +0000)]
tools/cgdelete: add support for default systemd delegation slice/scope
Enhance the cgdelete tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any,
and set it as the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
delete the cgroups in another subtree or cgroup root hierarchy, they
need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
$ sudo cgdelete -g cpu:cgrp-d1
will delete the cgroup cgrp-d1 under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for deleting the cgroup cgrp1, the user can use:
$ sudo cgdelete -g cpu:/cgrp1
or use the newly introduced -b switch to ignore the systemd slice/scope:
$ sudo cgdelete -b -g cpu:cgrp1
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:25 +0000 (14:13 +0000)]
tools/cgset: add support for default systemd delegation slice/scope
Enhance the cgset tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any,
and set it as the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, it appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to set
controller::value in a cgroup under another subtree or cgroup root
hierarchy, they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
$ sudo ./src/tools/cgset -r cpu.weight=99 cgrp-d1
will set the cpu controller::cpu.weight setting under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for setting the cpu controller information of cgrp1, the user can
use:
$ sudo ./src/tools/cgset -r cpu.weight=99 /cgrp1
or use the newly introduced -b switch to ignore the systemd slice/scope:
$ sudo ./src/tools/cgset -b -r cpu.weight=99 cgrp1
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:23 +0000 (14:13 +0000)]
tools/cgget: add support for default systemd delegation slice/scope
Enhance the cgget tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting.
Parse the configuration file and read the systemd::delegate setting,
if any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope name to
the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to get
details about the cgroups in another subtree or cgroup root hierarchy,
they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice[1] cgrp1
|
systemd.scope
|
cgrp-d1
[1] default systemd delegation slice/scope - read from cgconfig.conf
$ sudo cgget -g cpu:cgrp-d1
will display the CPU controller information under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for viewing the CPU controller information of cgrp1, the user can
use:
$ sudo cgget -g cpu:/cgrp1
or use the newly introduced -b switch to ignore the systemd slice/scope:
$ sudo cgget -b -g cpu:cgrp
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor typo in a comment where delegate was written instead
of setdefault
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:22 +0000 (14:13 +0000)]
tools/Makefile: add WITH_SYSTEMD CFLAGS
Introduce EXTRA_CFLAGS, "-DWITH_SYSTEMD" that will get passed to tools
and depending upon the configure options, enable and disable the systemd
support.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Introduce an API cgroup_set_default_systemd_cgroup(), that reads the
systemd_default_cgroup_file, if exists, and only sets the
systemd_default_cgroup path if both of the following conditions are met:
1. The minimum length of the default slice/scope read is 15
characters, because at the minimum it should be <n>.slice/<n>.scope.
2. Checks if the /sys/fs/cgroup/<systemd_default_cgroup> cgroup exists
and if it doesn't, it also deletes the systemd_default_cgroup_file
(/var/run/libcgroup/systemd) file.
this will be used by the tools and can be used by any applications
to set the default cgroup tree to systemd_default_cgroup after loading
the cgconfig.conf file(s).
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
samples/config: add a sample systemd delegation configuration
Add a sample cgconfig.conf configuration file, that serves as a template
for systemd delegation and how users can control the resources limit
allocation such as cpu, memory, or any other valid cgroup settings for
the systemd slice/scope cgroup created.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
cg_build_path() constructs the cgroup path to the mount point of the
given cgroup controller. With the support for the default systemd scope,
the default cgroup path for the controller, appends the slice/scope
name, making it the default cgroup root.
Allowing the users to set their default cgroup path from
'/sys/fs/cgroup/' to
'/sys/fs/cgroup/<systemd slice name>/<systemd scope name>/', while
using the libcgroup tools, allowing them to work on the delegated
cgroup hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
config: Support systemd's slice/scope creation/delegation using configuration
Add support for the creation of systemd slices and scopes (transient).
Users can create a systemd slice and scope using the new setting
'systemd' in the cgconfig.conf.
systemd configuration requires two mandatory settings, slice and scope,
those represent the systemd slice and scope name and other optional
settings are 'setdefault', that allows the users to append one of the
systemd slice/scope name to as default cgroup root, making the delegated
subtree as the new cgroup root, i.e., the default cgroup path is
changed to '/sys/fs/cgroup/database.slice/db.scope/' from
'/sys/fs/cgroup/', this is useful to the libcgroup tools, where users
can work on new subtree hierarchy, they created and other optional
setting is pid, which can be used as the default task for transient
scope, created by us, by default a task that spins an idle loop is
created and set as default task.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor typos in a couple comments where delegate was written
instead of setdefault
TJH: Explicitly initialize the list head and tail to NULL. May not be
needed but better safe than sorry
api.c: cg_build_path_locked() - work around snprintf() warnings
Recent gcc are unhappy when sizeof(dest) <= sizeof(src) with
snprintf()'s. We could need too many strncpy()'s and strcat()'s for
constructing file path, so let's workaround it by allocating long
enough space for keeping snprintf() happy and then use the temporarily
allocated array and use it as src for strncpy() with limit of
FILENAME_MAX.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 7 Feb 2023 23:28:50 +0000 (16:28 -0700)]
github: Add dependency checker action
Add an action, dependabot, that will periodically check GitHub Actions
dependencies. It is currently configured to run weekly. If dependabot
finds an update, it will open a pull request.
See here for more details:
https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Tue, 7 Feb 2023 23:27:11 +0000 (16:27 -0700)]
github: README: Update code quality analysis
LGTM code quality analysis is deprecated [1] and no longer generates
code quality information. Remove the LGTM badge and replace it with
a CodeQL badge. To facilitate this, move the CodeQL workflow into its
own workflow so that its status can be reported separately from the
automated tests.
tests/gunit: Extend the fuzzer to test cgroup_new_cgroup()
Add fuzzing to the cgroup_new_cgroup() API, by passing NULL as cgroup
name.
[----------] 2 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 2 Feb 2023 15:10:19 +0000 (08:10 -0700)]
github: Update actions to remove warnings
Update the setup-python action to v4 and the upload-artifact
action to v3. This should remove the following warnings:
Node.js 12 actions are deprecated. Please update the following
actions to use Node.js 16: actions/setup-python@v2. For more
information see:
https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.
Node.js 12 actions are deprecated. Please update the following
actions to use Node.js 16: actions/upload-artifact@v2,
coverallsapp/github-action@master. For more information see:
https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Thu, 2 Feb 2023 15:09:52 +0000 (08:09 -0700)]
github: Update to checkout@v3
Update the checkout action to v3. This is to appease the
following warning:
Node.js 12 actions are deprecated. Please update the
following actions to use Node.js 16: actions/checkout@v2,
actions/setup-python@v2. For more information see:
https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Tue, 31 Jan 2023 18:27:22 +0000 (11:27 -0700)]
tests/gunit: Add a simple fuzzer
Add a simple fuzzing test case that would exercise API's unlikely code
paths by passing NULL/negative values as arguments.
Output:
--------
[...]
[----------] 1 test from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[----------] 1 test from APIArgsTest (0 ms total)
to begin with, it exercises cgroup_set_permissions() by passing a NULL
pointer in place of struct cgroup. This test case will be extended to
cover almost all APIs.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 31 Jan 2023 18:27:06 +0000 (11:27 -0700)]
api: fix segfault in cgroup_set_permissions()
In cgroup_set_permissions(), we don't validate the cgroup and a NULL may
be passed to it in place of the cgroup, causing a segfault, when the
NULL pointer is dereferenced to set the permissions. This patch
introduces a check to validate the cgroup argument.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:48:49 +0000 (13:48 -0700)]
github: Roll back distcheck and v1 functests to Ubuntu 20.04
Ubuntu 22.04 VMs hosted by Github cannot find the LXD package.
Revert back to Ubuntu 20.04 for the Dist Check and the v1
Functional Test jobs until Github gets this sorted out.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:48:31 +0000 (13:48 -0700)]
ftests: Add a test to exercise invalid systemd parameters
Add a test that exercises invalid parameters to
cgroup_create_scope2().
-----------------------------------------------------------------
Test Results:
Run Date: Jan 25 09:32:58
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------------------
setup 0.00
059-sudo-invalid_systemd_create_scope2.py 0.00
teardown 0.00
--------------------------------------------------------
Total Run Time 0.00
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:46:27 +0000 (13:46 -0700)]
ftests: Add a test for creating a systemd scope
Add a test to exercise cgroup_create_scope2().
-----------------------------------------------------------------
Test Results:
Run Date: Nov 18 16:12:16
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
058-sudo-systemd_create_scope2.py 2.05
teardown 0.00
------------------------------------------------
Total Run Time 2.05
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:42:08 +0000 (13:42 -0700)]
ftests: Add a test for setting permissions
Add a test to exercise the python bindings to set permissions on
a cgroup.
-----------------------------------------------------------------
Test Results:
Run Date: Nov 17 22:00:51
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------
setup 0.00
057-sudo-set_permissions_v1.py 0.05
teardown 0.00
---------------------------------------------
Total Run Time 0.05
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:40:09 +0000 (13:40 -0700)]
ftests: Add a test for setting permissions
Add a test to exercise the python bindings to set permissions on
a cgroup.
-----------------------------------------------------------------
Test Results:
Run Date: Nov 17 21:55:52
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------
setup 0.00
056-sudo-set_permissions_v2.py 0.05
teardown 0.00
---------------------------------------------
Total Run Time 0.05
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:38:01 +0000 (13:38 -0700)]
ftests: Add a test for set uid/gid
Add a test to exercise the python bindings to set the uid/gid on
a cgroup.
-----------------------------------------------------------------
Test Results:
Run Date: Nov 17 21:10:08
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-----------------------------------------
setup 0.00
055-sudo-set_uid_gid_v1.py 0.05
teardown 0.00
-----------------------------------------
Total Run Time 0.05
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:34:45 +0000 (13:34 -0700)]
ftests: Add a test for set uid/gid
Add a test to exercise the python bindings to set the uid/gid on
a cgroup.
-----------------------------------------------------------------
Test Results:
Run Date: Nov 16 23:12:25
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-----------------------------------------
setup 0.00
054-sudo-set_uid_gid_v2.py 0.02
teardown 0.00
-----------------------------------------
Total Run Time 0.02
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:28:10 +0000 (13:28 -0700)]
ftests: Change util get uid/gid functions to return an int
get_file_owner_uid() and get_file_owner_gid() previously returned
the owning uid and gid as strings, respectively. Change them to
return the uid and gid as ints.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:24:31 +0000 (13:24 -0700)]
systemd: Add cgroup_create_scope2()
Add cgroup_create_scope2() as a wrapper function around
cgroup_create_scope(). cgroup_create_scope2() is more libcgroup-ish
and utilizes struct cgroup rather than systemd-style parameters.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Tue, 24 Jan 2023 19:39:11 +0000 (12:39 -0700)]
ftests: Add recursive cgdelete function test on shared mount
Add a test that tries deleting non-existing cgroups on shared mount
mount shared by controllers on cgroup v1.
-----------------------------------------------------------------
Test Results:
Run Date: Jan 23 09:21:48
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
----------------------------------------------------------------
setup 0.00
098-cgdelete-non-existing-shared-mnt-cgroup-v1.py 0.03
teardown 0.00
----------------------------------------------------------------
Total Run Time 0.03
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor variable name typo. Also, add the new test to the EXTRA
DIST list in Makefile.am
Kamalesh Babulal [Tue, 24 Jan 2023 19:37:02 +0000 (12:37 -0700)]
tests-047: adopt the change to cgroup_delete_cgroup_ext()
With the bug fix to the cgroup_delete_cgroup_ext(), where calling
cgdelete twice back to back (not using -r option) on the cgroup created
on the mount point shared by the controller will fail. Adopt the
change in the API to testcase too.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 24 Jan 2023 19:35:48 +0000 (12:35 -0700)]
src/api: Fix cgroup_delete_cgroup_ext() on shared mount point
In cgroup v1, the controllers can share mount points and when the cgroup
is deleted on one of controller mount point (symlink), as the side effect
are deleted for the controllers sharing the mount point. But this might
not true always, the user might try call cgroup_delete_cgroup_ext() with
a cgroup that doesn't exist over the share mount point and still get the
return code to be zero.
Fix this issue by introducing cgrp_del_shared_mnt flag, that gets set
when deleting the cgroup on the first of the controllers sharing the
mount point and check the flag on the second controller mount point
to ensure that cgroup existed.
Tom Hromatka [Fri, 20 Jan 2023 23:21:08 +0000 (16:21 -0700)]
doc: Update the github release process
Remove the step to update the libcgroup-tests submodule. The
tests have been reincorporated back into the libcgroup repo
and this step is no longer needed.
Add instructions on running coverity.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 13 Jan 2023 20:41:32 +0000 (13:41 -0700)]
ftests/cgroup.py: add support to list shared mount point
Cgroup::get_cgroup_mounts(), could create a list of mount points and in
the case of shared mount points such as cpu,cpuacct in the cgroup v1. It
would only add a mount point for the last of the two controllers listed
as the mount point, for example:
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpu,cpuacct 0 0
mount list will look over cpu controller. Add support to recognize and
add both controllers to the list of mount points.
Reported-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Khem Raj [Fri, 13 Jan 2023 19:44:07 +0000 (12:44 -0700)]
api: Use GNU strerror_r when available
GNU strerror_r is only available in glibc, musl impelents the XSI
version which is slightly different, therefore check if GNU version is
available before using it, otherwise use the XSI compliant version.
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Minor formatting change so that the line doesn't exceed 100 chars
Kamalesh Babulal [Wed, 11 Jan 2023 17:39:55 +0000 (10:39 -0700)]
tools/cgxset: fix help/usage formatting
The help/usage output is misaligned, which is a mix of tabs and spaces.
Fix it by using only spaces for the alignment, so that we have a visual
representation of output in the code too, instead of having unaligned
info()'s needing to calculate the tabs stops always.
Before:
-------
Usage: cgxset [-r <name=value>] <cgroup_path> ...
or: cgxset --copy-from <source_cgroup_path> <cgroup_path> ...
Set the parameters of given cgroup(s)
-1, --v1 Provided parameters are in v1 format
-2, --v2 Provided parameters are in v2 format
-i, --ignore-unmappable Do not return an error for settings that cannot be converted
-r, --variable <name> Define parameter to set
--copy-from <source_cgroup_path> Control group whose parameters will be copied
After:
------
Usage: cgxset [-r <name=value>] <cgroup_path> ...
or: cgxset --copy-from <source_cgroup_path> <cgroup_path> ...
Set the parameters of given cgroup(s)
-1, --v1 Provided parameters are in v1 format
-2, --v2 Provided parameters are in v2 format
-i, --ignore-unmappable Do not return an error for settings that cannot be converted
-r, --variable <name> Define parameter to set
--copy-from <source_cgroup_path> Control group whose parameters will be copied
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 4 Jan 2023 21:08:18 +0000 (21:08 +0000)]
ftests: Add a test for cgroup_attach_task_pid()
Add a functional test for cgroup_attach_task_pid().
-----------------------------------------------------------------
Test Results:
Run Date: Jan 04 21:06:16
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------------
setup 0.00
053-sudo-cgroup_attach_task_pid.py 2.06
teardown 0.00
-------------------------------------------------
Total Run Time 2.06
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Wed, 4 Jan 2023 21:07:43 +0000 (21:07 +0000)]
ftests: Add a test for cgroup_attach_task()
Add a functional test for cgroup_attach_task()
-----------------------------------------------------------------
Test Results:
Run Date: Jan 04 21:03:14
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------
setup 0.00
052-sudo-cgroup_attach_task.py 0.02
teardown 0.00
---------------------------------------------
Total Run Time 0.02
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Tue, 20 Dec 2022 22:41:22 +0000 (22:41 +0000)]
ftests: Add a test for cgroup_get_cgroup()
Add a functional test to exercise cgroup_get_cgroup()
-----------------------------------------------------------------
Test Results:
Run Date: Dec 20 22:41:28
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------
setup 0.00
051-sudo-cgroup_get_cgroup.py 0.03
teardown 0.00
--------------------------------------------
Total Run Time 0.03
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Tue, 20 Dec 2022 22:38:43 +0000 (22:38 +0000)]
python: Add python bindings for several functions
Add python bindings for several C functions:
cgroup_get_cgroup()
cgroup_delete_cgroup()
cgroup_get_controller_count()
cgroup_get_controller_by_index()
cgroup_get_controller_name()
Also add two python methods to wrap cgroup_get_cgroup() and cgroup_delete() to
make these interfaces more pythonic. The other three C functions are used
internally to implement these pythonic methods.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Tue, 20 Dec 2022 22:35:54 +0000 (22:35 +0000)]
api: Add functions for iterating through the cgroup struct
Add functions to iterate through the cgroup structure:
cgroup_get_controller_count() - returns the number of controllers
within the cgroup struct
cgroup_get_controller_by_index() - returns the cgroup_controller
pointer corresponding with the requested index
cgroup_get_controller_name() - given a cgroup_controller pointer,
get the controller's name
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Wed, 21 Dec 2022 21:00:21 +0000 (14:00 -0700)]
cgsnapshot: Close tags in output file on errors
Close tags in the output file when cgsnapshot encounters an
error. For example, if cgsnapshot cannot translate a uid to a
username, the "perm {" tag still needs a closing "}".
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Wed, 21 Dec 2022 15:46:26 +0000 (21:16 +0530)]
tools/cgsnapshot: limit the controller to search to user lists
is_ctlr_on_list(), returns on the first match of the list of controllers
the user has passed on the command line, this might serve as an
optimization but as a side effect we search through the whole list of
controllers, those the user has not asked for. Let's reset the list of
controllers to controllers available on wanted_consts array (list of
controllers required by the user) and controllers array (list of
available controllers).
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 20 Dec 2022 16:09:19 +0000 (21:39 +0530)]
gunit/test-015: Populate subtree_control for leaf cgroup
We no more rely on the cgroup's parent subtree_control file to verify
if a controller is enabled for a cgroup. So, populate the leaf/child
cgroups with subtree_control file similar to the parent cgroup.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 20 Dec 2022 16:09:13 +0000 (21:39 +0530)]
gunit/test-012: Create subtree_control for leaf cgroup
The test case relies on the parent cgroup's subtree_control file, while
creating a cgroup to verify the controllers enabled in created cgroup v2
and the current code cleverly emulates it. With the change to enable
the controller at the leaf cgroup this emulation gets difficult, so
introduce a dummy cgroup v2 mount that will help in the construction of
the path when the cgroup v2 is created with the empty controller because
the brilliance lies in emulating it by manually creating the
subtree_control file to give the impression of enabling the controller
in the cgroup v2 cgroup.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 20 Dec 2022 16:09:08 +0000 (21:39 +0530)]
api: cgroup v2 – read subtree_control of the leaf node
With cgroup v2, while checking if a controller is enabled for cgroup,
the tree is walked and checked up to the parent cgroup of the leaf node,
this guarantees that the controller available for the leaf cgroups in
the cgroup.controllers file, but this is incomplete because of the
controller can be both either enabled or disabled in the
cgroups.subtree_control file of the leaf cgroup.
Fix this ambiguity by reading until the leaf node's
cgroup.subtree_control file, instead.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 20 Dec 2022 16:09:02 +0000 (21:39 +0530)]
api: cgroup v2 – enable controller at the leaf node
With cgroup v2, while creating a cgroup with a controller, the whole
hierarchy tree is walked, and the controller is enabled up to the parent
cgroup of the leaf node, this guarantees that the attached controller is
available in the leaf cgroups cgroup.controllers file, but this is
incomplete because the controller is not enabled in the leaf cgroup.
We do not have a separate API that is called to enable the controllers
but as a workaround, one can always call the
cgroup_set_values_recursive() to enable the controller in the leaf node.
To maintain the idea/compatibility with the cgroup v1, where creating a
cgroup on the controller mount point/hierarchy is equivalent to enabling
the controller in the cgroup v2, let's enable the controller in the leaf
node too.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
The cgxget was forked from cgget and messages/warnings printed to the
user still carry cgget keyword, which might get confusing to the user.
Replace the warnings/errors/info displayed to the user, along with
non-history occurrences of 'cgget' -> 'cgxget' throughout the file.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 19 Dec 2022 16:18:44 +0000 (09:18 -0700)]
api.c: fix segfault in cgroup_attach_task_pid()
When the user passes NULL in place of struct cgroup argument, the pid
passed as the second parameter is expected to be attached to root
hierarchies of the controllers in the case of legacy/hybrid modes and
to the root hierarchy in the case of unified mode.
The current code will segfault, while attempting to dereference a NULL
pointer, fix it by using the controller names, from cg_mount_table(),
that is already populated with the information and also remove the
controller_is_enabled check is specific to the cgroup v2 hierarchy.
With the root cgroup v2 hierarchy, all the controllers are enabled by
default, hence the check returns true always.
Reproducer:
int main(int argc, char *argv[]) {
pid_t pid = atoi(argv[1]);
int ret;
ret = cgroup_init();
if (ret) {
printf("Failed to initialize: %s\n", cgroup_strerror(ret));
exit(1);
}
ret = cgroup_attach_task_pid(NULL, pid);
if (ret) {
printf("Failed to attach %d to root cgroup(s): %s\n", pid, cgroup_strerror(ret));
exit(1);
}
exit (0);
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 26 Oct 2022 16:21:03 +0000 (10:21 -0600)]
ftests: Add a test to create a systemd scope
-----------------------------------------------------------------
Test Results:
Run Date: Sep 06 14:46:15
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-----------------------------------------------------
setup 0.00
049-sudo-systemd_create_scope.py 0.08
teardown 0.00
-----------------------------------------------------
Total Run Time 0.03
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Wed, 26 Oct 2022 16:19:03 +0000 (10:19 -0600)]
ftests: Add support for running 'sudo' suite of tests
Some tests require sudo support for python/C bindings. This is
awkward to implement using the Run() class and error prone.
Instead, invoke the entire test with sudo permissions via a separate
invocation of ftests.py. This ensures that existing tests (that
don't require sudo) remain the same and don't accidentally get
elevated privileges.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Wed, 26 Oct 2022 16:14:27 +0000 (10:14 -0600)]
systemd: Add function to create a systemd scope
Add a function, cgroup_create_scope(), to create a systemd
scope. This scope can be delegated, in other words the cgroup
management of this scope can be delegated away from systemd.
This is the official way to create a cgroup that systemd will
not interfere with.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Mon, 31 Oct 2022 17:18:02 +0000 (11:18 -0600)]
github/workflows/continuous-intergation: Adopt SPDX License tag
Adopt SPDX license tag for all the source files, those already have
LGPL 2.1 boilerplate in them and those missing license information.
All the files in the project fall under project license, hence
explicitly adding LGPL-2.1-only identifier to the files missing license
information. Adopting SPDX license helps the compliance tools to
determine the license and also helps in reducing the repetitive license
boilerplate across source files.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 31 Oct 2022 17:17:50 +0000 (11:17 -0600)]
github/actions/setup-libcgroup: Adopt SPDX License tag
Adopt SPDX license tag for all the source files, those already have
LGPL 2.1 boilerplate in them and those missing license information.
All the files in the project fall under project license, hence
explicitly adding LGPL-2.1-only identifier to the files missing license
information. Adopting SPDX license helps the compliance tools to
determine the license and also helps in reducing the repetitive license
boilerplate across source files.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 31 Oct 2022 17:17:35 +0000 (11:17 -0600)]
github/actions/code-coverage: Adopt SPDX License tag
Adopt SPDX license tag for all the source files, those already have
LGPL 2.1 boilerplate in them and those missing license information.
All the files in the project fall under project license, hence
explicitly adding LGPL-2.1-only identifier to the files missing license
information. Adopting SPDX license helps the compliance tools to
determine the license and also helps in reducing the repetitive license
boilerplate across source files.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 31 Oct 2022 17:08:54 +0000 (11:08 -0600)]
tests: remove github/{actions,workflows}
Remove the GitHub actions and workflows from the tests directory, they
are not run anymore after the movement of libcgroup-tests into libcgroup
repo. Also, the libcgroup repo covers all the steps executed by
libcgroup-test actions/workflows.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 31 Oct 2022 17:05:12 +0000 (11:05 -0600)]
workflows/ci: add Python lint
Add Python lint to the GitHub workflow. This was previously part of
the libcgroup-test project GitHub workflow, which hosted most of the
python source code. Now that libcgroup-test is part of libcgroup repo,
let's add the lint workflow here too.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 25 Oct 2022 21:26:02 +0000 (15:26 -0600)]
api.c: fix resource leak in cg_chmod_path()
Fix resource leak, reported by Coverity Tool:
CID 276160 (#1 of 1): Resource leak (RESOURCE_LEAK)10. leaked_handle:
Handle variable fd going out of scope leaks the handle.
In cg_chmod_path(), the file descriptor checks for fd > 0, Coverity
warns about the possibility of the file descriptor being 0, fix it by
changing the check from '0' -> '-1'.
Fixes: 91cf2e4b7ceb ("api.c: fix file open in cg_chmod_path()") Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 18 Oct 2022 19:29:52 +0000 (19:29 +0000)]
ftests: Add test for cgroup_setup_mode()
Add a python bindings test for cgroup_setup_mode()
-----------------------------------------------------------------
Test Results:
Run Date: Oct 18 19:28:31
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
048-pybindings-get_cgroup_mode.py 0.00
teardown 0.00
------------------------------------------------
Total Run Time 0.00
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Tue, 18 Oct 2022 19:27:06 +0000 (19:27 +0000)]
ftests: Add function to get the cgroup mode
Add a function to the Cgroup class to get the cgroup mode. This
function is analogous to the C function, cgroup_setup_mode() and
can be used to verify the behavior of cgroup_setup_mode().
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Mon, 10 Oct 2022 15:52:14 +0000 (21:22 +0530)]
tools/cgget: add support to print cgroup setup
Add a new switch (-m), that will print the current cgroup mode the
system/VM is booted it. It uses the API, cgroup_setup_mode() that
returns one of the modes (Legacy/Unified/Hybrid) the system is
booted with.
$ cgget -m
Legacy Mode (Cgroup v1 only).
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 10 Oct 2022 15:50:34 +0000 (21:20 +0530)]
api: Introduce a new API to find the cgroup setup mode
This patch introduces a new API to detect the current cgroup setup
mode (Legacy/Unified/Hybrid). The setup will depend on the Linux
Kernel's grub command line, the system/VM is booted with.
Uses cases:
Depending upon the cgroup setup, the users can enable or disable
features in their applications. Like some controllers are only available
on cgroup v2, so they might need to set/get settings for those available
controllers only.
Suggested-by: Tom Hromatka <tom.hromatka@oracle.com> Suggested-by: Michal Koutný <mkoutny@suse.com> Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
projects / thirdparty / libcgroup.git / log
