Tom Hromatka [Thu, 2 Mar 2023 23:25:12 +0000 (16:25 -0700)]
wrapper: Add cgroup v2 support to cgroup_add_all_controllers()
Add cgroup v2 support to cgroup_add_all_controllers(). For cgroup v1
(both legacy and hybrid), cgroup_add_all_controllers() reads
/proc/cgroups. For cgroup v2, cgroup_add_all_controllers() reads the
cgroup's cgroup.controllers file.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Tue, 21 Mar 2023 09:12:30 +0000 (09:12 +0000)]
gunit/009: adopt the cgroup_set_values_recursive() changes
cgroup_set_values_recursive(), third argument ignore_non_dirty_values no
more suppress the errors but skips writing of the controller setting
that isn't marked dirty, propagate the changes to the test cases too.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 21 Mar 2023 09:06:16 +0000 (09:06 +0000)]
api: cgroup_copy_controller_values() mark settings dirty
Copying controllers settings from source to destination cgroups,
overwrites the value of the destination cgroup controller and hence
the dirty flag for all the controller settings should be
unconditionally set.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 21 Mar 2023 09:04:46 +0000 (09:04 +0000)]
api.c: write dirty settings only in cgroup_set_values_recursive()
cgroup_set_values_recursive() is called by cgroup_modify_cgroup() to
modify controller values, where all the settings modified or not are
written to the disk. This breaks when writing a new value of a setting
that is linked to another setting of the controller, followed by writing
an unmodified value to the linked setting. This effectively undoes the
modification. For example, consider two linked settings of the cpu
controller: cpu.weight and cpu.weight.nice, where writing the new value
of cpu.weight is followed by unmodified cpu.weight.nice value. Writing
of the latter will undo the new value of the former.
Reproducer:
-----------
int print_cpu_weight()
{
FILE *fp;
char value[10];
fp = fopen(PROC_CPU_WEIGHT, "r");
if (!fp) {
fprintf(stderr, "Failed to open %s\n", PROC_CPU_WEIGHT);
return 1;
}
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgroup;
int ret;
ret = cgroup_init();
if (ret) {
fprintf(stderr, "cgroup initialization failed\n");
exit (1);
}
/* Create */
cgroup = cgroup_new_cgroup(CGRP_NAME);
if (!cgroup) {
fprintf(stderr, "Failed to allocate cgroup %s\n", CGRP_NAME);
exit(1);
}
cgc = cgroup_add_controller(cgroup, CTRL_NAME);
if (!cgc) {
fprintf(stderr, "Failed to add controller %s\n", CTRL_NAME);
exit (1);
}
ret = cgroup_create_cgroup(cgroup, 0);
if (ret) {
fprintf(stderr, "Failed to create cgroup %s\n", CGRP_NAME);
goto out;
}
ret = print_cpu_weight();
if (ret)
goto out;
cgroup_free(&cgroup);
/* Load and modify */
cgroup = cgroup_new_cgroup(CGRP_NAME);
if (!cgroup) {
fprintf(stderr, "Failed to allocate cgroup %s\n", CGRP_NAME);
exit(1);
}
ret = cgroup_get_cgroup(cgroup);
if (ret) {
fprintf(stderr, "Failed to get cgroup %s\n", CGRP_NAME);
goto out;
}
cgc = NULL;
cgc = cgroup_get_controller(cgroup, CTRL_NAME);
if (!cgc) {
fprintf(stderr, "Failed to get controller %s\n", CTRL_NAME);
exit (1);
}
ret = cgroup_set_value_string(cgc, CTRL_SETTING, "8");
if (ret) {
fprintf(stderr, "Failed to set the %s value\n", CTRL_SETTING);
goto out;
}
ret = cgroup_modify_cgroup(cgroup);
if (ret) {
fprintf(stderr, "Failed to modify cgroup\n");\
goto out;
}
ret = print_cpu_weight();
if (ret)
goto out;
out:
cgroup_free(&cgroup);
return 0;
}
This patch additionally cleans up cgroup_set_values_recursive(), by
renaming the third argument ignore_non_dirty_failure to
ignore_non_dirty_values. This rename also changes the purpose of the
flag, where the calling functions, set it to ignore the writing of the
controller setting, which is not modified/dirty and introduces extensive
checks for writing the controller setting.
Fixes: https://github.com/libcgroup/libcgroup/issues/323 Reported-by: Justin Israel <justinisrael@gmail.com>
[Justin contributed to the reproducer] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
tests/gunit: Extend the fuzzer to test cgroup_get_value_bool()
Add fuzzing to the cgroup_get_value_bool() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 13 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_int64
[ OK ] APIArgsTest.API_cgroup_set_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_int64
[ OK ] APIArgsTest.API_cgroup_get_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_uint64
[ OK ] APIArgsTest.API_cgroup_set_value_uint64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_uint64
[ OK ] APIArgsTest.API_cgroup_get_value_uint64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_bool
[ OK ] APIArgsTest.API_cgroup_set_value_bool (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_bool
[ OK ] APIArgsTest.API_cgroup_get_value_bool (0 ms)
[----------] 13 tests from APIArgsTest (1 ms total)
The second and third arguments passed to cgroup_get_value_bool() are of
type pointers and the user might pass NULL in place of one or both of
the arguments, causing a segfault. The reason is, argument values are
used without checks, fix it by checking for NULL pointers before
proceeding.
Reproducer:
-----------
#include <stdlib.h>
#include <libcgroup.h>
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgrp;
int ret;
ret = cgroup_init();
if (ret)
exit(1);
cgrp = cgroup_new_cgroup("fuzzer");
if (!cgrp)
exit(1);
cgc = cgroup_add_controller(cgrp, "cpuset");
if (!cgc)
exit(1);
ret = cgroup_add_value_string(cgc, "cpuset.cpu_exclusive", "0");
if (ret)
exit (1);
cgroup_get_value_bool(cgc, "cpuset.cpu_exclusive", NULL);
//should not reach here
return 0;
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
The test cases, that cover the unlikely conditions, are numbered in the
reverse starting from 999, similarly, test case 098 tries to delete a
non-existent shared point. Re-number it from '099' -> '998' to hint
at the nature of the test case.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
tests/gunit: Extend the fuzzer to test cgroup_set_value_bool()
Add fuzzing to the cgroup_set_value_bool() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 12 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (1 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_int64
[ OK ] APIArgsTest.API_cgroup_set_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_int64
[ OK ] APIArgsTest.API_cgroup_get_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_uint64
[ OK ] APIArgsTest.API_cgroup_set_value_uint64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_uint64
[ OK ] APIArgsTest.API_cgroup_get_value_uint64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_bool
[ OK ] APIArgsTest.API_cgroup_set_value_bool (0 ms)
[----------] 12 tests from APIArgsTest (1 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
The second argument passed to cgroup_set_value_bool() is of type
char * and the user might pass NULL in the place of the argument,
causing a segfault. The reason is, argument values are used without
checks, fix it by checking for NULL pointers before proceeding.
Reproducer:
----------
#include <stdlib.h>
#include <libcgroup.h>
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgrp;
int ret;
ret = cgroup_init();
if (ret)
exit(1);
cgrp = cgroup_new_cgroup("fuzzer");
if (!cgrp)
exit(1);
cgc = cgroup_add_controller(cgrp, "cpuset");
if (!cgc)
exit(1);
ret = cgroup_add_value_string(cgc, "cpuset.cpu_exclusive", "0");
if (ret)
exit (1);
cgroup_set_value_bool(cgc, NULL, 0);
//should not reach here
return 0;
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
tools/cgxset: check for delimiter in name_value string
While parsing -r option for name, and value pairs, we rely on strtok()
to return NULL, when there is no delimiter and lhf/rhf can't be mapped
into the name, and value tokens. This assumption is not true, strtok()
returns the whole string when it doesn't find the delimiter. Operating
under this assumption also segfaults later in the code. Fix it, by
checking for the presence of a delimiter in the passed name_value_str
in parse_r_flag(). This also initializes the pointer to NULL, to avoid
reading them before assignment in the error path.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
tools/cgset: check for delimiter in name_value string
While parsing -r option for name, and value pairs, we rely on strtok()
to return NULL, when there is no delimiter and lhf/rhf can't be mapped
into the name, and value tokens. This assumption is not true, strtok()
returns the whole string when it doesn't find the delimiter. Operating
under this assumption also segfaults later in the code. Fix it, by
checking for the presence of a delimiter in the passed name_value_str
in parse_r_flag(). This also initializes the pointer to NULL, to
avoid reading them before assignment in the error path.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
tests/gunit: Extend the fuzzer to test cgroup_get_value_uint64()
Add fuzzing to the cgroup_get_value_uint64() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 11 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_int64
[ OK ] APIArgsTest.API_cgroup_set_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_int64
[ OK ] APIArgsTest.API_cgroup_get_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_uint64
[ OK ] APIArgsTest.API_cgroup_set_value_uint64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_uint64
[ OK ] APIArgsTest.API_cgroup_get_value_uint64 (0 ms)
[----------] 11 tests from APIArgsTest (0 ms total)
wrapper: fix segfault in cgroup_get_value_uint64()
The second and third arguments passed to cgroup_get_value_uint64() are
of type char * and the user might pass NULL in place of one or both of
the arguments, causing a segfault. The reason is, argument values are
used without checks, fix it by checking for NULL pointers before
proceeding.
tests/gunit: Extend the fuzzer to test cgroup_set_value_uint64()
Add fuzzing to the cgroup_set_value_uint64() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 10 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_int64
[ OK ] APIArgsTest.API_cgroup_set_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_int64
[ OK ] APIArgsTest.API_cgroup_get_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_uint64
[ OK ] APIArgsTest.API_cgroup_set_value_uint64 (0 ms)
[----------] 10 tests from APIArgsTest (0 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
wrapper: fix segfault in cgroup_set_value_uint64()
The second argument passed to cgroup_set_value_uint64() is of type
char * and the user might pass NULL in the place of the argument,
causing a segfault. The reason is, argument values are used without
checks, fix it by checking for NULL pointers before proceeding.
tests/gunit: Extend the fuzzer to test cgroup_get_value_int64()
Add fuzzing to the cgroup_get_value_int64() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 9 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_int64
[ OK ] APIArgsTest.API_cgroup_set_value_int64 (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_int64
[ OK ] APIArgsTest.API_cgroup_get_value_int64 (0 ms)
[----------] 9 tests from APIArgsTest (0 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
The second and third arguments passed to cgroup_get_value_int64() are of
type char * and the user might pass NULL in place of one or both of the
arguments, causing a segfault. The reason is, argument values are used
without checks, fix it by checking for NULL pointers before proceeding.
tests/gunit: Extend the fuzzer to test cgroup_set_value_int64()
Add fuzzing to the cgroup_set_value_int64() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 8 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (1 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_int64
[ OK ] APIArgsTest.API_cgroup_set_value_int64 (0 ms)
[----------] 8 tests from APIArgsTest (1 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
The second argument passed to cgroup_set_value_int64() is of type char *
and the user might pass NULL in the place of the argument, causing a
segfault. The reason is, argument values are used without checks, fix
it by checking for NULL pointers before proceeding.
Tom Hromatka [Fri, 17 Feb 2023 22:16:34 +0000 (15:16 -0700)]
ftests: Cleanup pid logic in functional tests
PIDs were inconsistently being managed in the functional tests. Some
functions treated them as `int` and in others they were `str`. Modify
all functions that deal with PIDs to treat them as `int` or a list of
`int`s.
Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 28 Feb 2023 09:15:11 +0000 (14:45 +0530)]
tests/gunit: Extend the fuzzer to test cgroup_get_uid_gid()
Add fuzzing to the cgroup_get_uid_gid() API, by passing combination of
of valid/NULL as arguments to the API.
[----------] 7 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_uid_gid
[ OK ] APIArgsTest.API_cgroup_get_uid_gid (0 ms)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 28 Feb 2023 09:15:05 +0000 (14:45 +0530)]
wrapper: fix segfault in cgroup_get_uid_gid()
The arguments passed to cgroup_get_uid_gid() are of type pointers and
the user might pass NULL in place of or all of the arguments, causing
a segfault. segfault is triggered when the NULL, argument value is
passed without check, fix it by checking for NULL before proceeding.
Kamalesh Babulal [Wed, 22 Feb 2023 14:43:45 +0000 (20:13 +0530)]
github/actions: Introduce a timeout to avoid apt races
There are chances that apt-get operations are run on the same VM by
different runners both competing to get apt locks. Introduce timeout of
3 seconds, in case the lock is already taken by another instance of
a runner.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Wed, 22 Feb 2023 17:06:13 +0000 (10:06 -0700)]
tests/ftests: synchronize between github runners
If a VM is shared between multiple github runners, there are chances of
each other stomping over other's run, if executed parallelly. To avoid
the race between the runners, introduce lock file, that gets acquired
(created) when ftest.sh starts and get removed by ftest-nocontainer.sh,
this ensures that both test cases are executed before other runner,
that's waiting for its chance to run. A runner would wait for
10 minutes before re-trying to run. At the max, a runner would wait for
50 minutes (5 retries) before giving up.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 27 Feb 2023 04:21:19 +0000 (09:51 +0530)]
tests/gunit: Extend the fuzzer to test cgroup_add_value_string()
Add fuzzing to the cgroup_add_value_string() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 6 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_value_string
[ OK ] APIArgsTest.API_cgroup_add_value_string (0 ms)
[----------] 6 tests from APIArgsTest (0 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 27 Feb 2023 04:20:34 +0000 (09:50 +0530)]
wrapper: fix segfault in cgroup_add_value_string
The second and third arguments passed to cgroup_add_value_string() are
of type char * and the user might pass NULL in place of one or both of
the arguments, causing a segfault. segfault is trigger when the NULL,
argument value is passed to second argument without check, fix it by
checking for NULL before proceeding.
Reproducer:
----------
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgrp;
int ret;
ret = cgroup_init();
if (ret)
exit (1);
cgrp = cgroup_new_cgroup("fuzzer");
if (!cgrp)
exit (1);
cgc = cgroup_add_controller(cgrp, "cpu");
if (!cgc)
exit (1);
cgroup_add_value_string(cgc, NULL, NULL);
// should not reach here
return 0;
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 22 Feb 2023 21:09:07 +0000 (14:09 -0700)]
tools/cgxset: Fix potential memory leak in converted_src_cgroup
There's a brief window where converted_src_cgroup is allocated but
hasn't been assigned to the *cgroup pointer. If a failure occurs in
this window, then converted_src_cgroup must be freed before doing the
goto to the error path.
Also, simplify the error-handling logic in cgxset::main() by having all
errors goto "err".
Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 24 Feb 2023 05:35:07 +0000 (11:05 +0530)]
tests/gunit: Extend the fuzzer to test cgroup_add_controller()
Add fuzzing to the cgroup_add_controller() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 5 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
[ OK ] APIArgsTest.API_cgroup_get_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_add_controller
[ OK ] APIArgsTest.API_cgroup_add_controller (0 ms)
[----------] 5 tests from APIArgsTest (0 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 24 Feb 2023 05:35:02 +0000 (11:05 +0530)]
wrapper: fix segfault in cgroup_add_controller()
The second argument passed to cgroup_add_controller() is of type
char * and the user might pass NULL in place of the arguments, causing
a segfault. segfault is trigger when the NULL, argument values is used
without checks, fix it by checking for NULL before proceeding.
Reproducer:
-----------
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgrp;
int ret;
cgroup_init();
if (ret)
exit(1);
cgrp = cgroup_new_cgroup("fuzzer");
if (!cgrp)
exit(1);
cgc = cgroup_add_controller(cgrp, "cpu");
if (!cgc)
exit(1);
cgroup_add_controller(cgrp, NULL);
// should not reach here
return 0;
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 23 Feb 2023 13:45:54 +0000 (13:45 +0000)]
tests/ftest: use string filter() to concatenation cause
if, then, else construction is used to concatenate the 'cause' string,
that appends the reason for the test failures. The reason to use the
checks to TypeError that occurs while concatenating None and str type.
Replace them with a one-liner string.filter(), across the test sources.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 21 Feb 2023 13:10:05 +0000 (13:10 +0000)]
tests/gunit: Extend the fuzzer to test cgroup_get_value_string()
Add fuzzing to the cgroup_get_value_string() API, by passing combination
of valid/NULL as arguments to the API.
s
[----------] 4 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (0 ms)
[ RUN ] APIArgsTest.API_cgroup_get_value_string
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 21 Feb 2023 10:49:06 +0000 (10:49 +0000)]
wrapper: fix segfault in cgroup_get_value_string()
The second and third arguments passed to cgroup_get_value_string() are
of type char * and the user might pass NULL in place of one or both of
the arguments, causing a segfault. segfault is trigger when the NULL,
argument values are used without checks, fix it by checking for NULL
before proceeding.
Reproducer:
-----------
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgrp;
int ret;
cgroup_init();
if (ret)
exit(1);
cgrp = cgroup_new_cgroup("fuzzer");
if (!cgrp)
exit(1);
cgc = cgroup_add_controller(cgrp, "cpu");
if (!cgc)
exit(1);
ret = cgroup_add_value_string(cgc, "cpu.shares", "1024");
if (!cgc)
exit(1);
ret = cgroup_create_cgroup(cgrp, 1);
if (ret)
exit(1);
cgc = cgroup_get_controller(cgrp, "cpu");
if (!cgc)
exit(1);
cgroup_get_value_string(cgc, NULL, NULL);
return 0;
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 21 Feb 2023 13:13:25 +0000 (13:13 +0000)]
tests/gunit: Extend the fuzzer to test cgroup_set_value_string()
Add fuzzing to the cgroup_set_value_string() API, by passing combination
of valid/NULL as arguments to the API.
[----------] 3 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
[ OK ] APIArgsTest.API_cgroup_new_cgroup (0 ms)
[ RUN ] APIArgsTest.API_cgroup_set_value_string
[ OK ] APIArgsTest.API_cgroup_set_value_string (19 ms)
[----------] 3 tests from APIArgsTest (19 ms total)
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Mon, 20 Feb 2023 15:09:07 +0000 (15:09 +0000)]
wrapper: fix segfault in cgroup_set_value_string()
The second and third arguments passed to cgroup_set_value_string() are
of type char * and the user might pass NULL in place of one or both of
the arguments, causing a segfault. segfault is trigger when the NULL,
argument values are used without checks, fix it by checking for NULL
before proceeding.
Reproducer:
-----------
int main(void)
{
struct cgroup_controller *cgc;
struct cgroup *cgrp;
cgroup_init();
if (ret)
exit(1);
cgrp = cgroup_new_cgroup("fuzzer");
if (!cgrp)
exit(1);
cgc = cgroup_add_controller(cgrp, "cpu");
if (!cgc)
exit(1);
ret = cgroup_create_cgroup(cgrp, 1);
if (ret)
exit(1);
cgroup_set_value_string(cgc, NULL, NULL);
// should not reach here.
return 0;
}
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 15 Feb 2023 21:50:14 +0000 (14:50 -0700)]
ftests: Add cgroup_get_cgroup() pybindings test
Add a test to exercise cgroup_get_cgroup() and its python bindings.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 15 14:50:00
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------------
setup 0.00
072-pybindings-cgroup_get_cgroup.py 2.66
teardown 0.00
--------------------------------------------------
Total Run Time 2.66
Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Prior to this change, the above python code returned ECGROUPNOTEXIST in
the cg.get() line. Now it successfully completes, but no controllers
are populated.
Reported-by: Justin Israel <justinisrael@gmail.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 14 Feb 2023 19:58:59 +0000 (12:58 -0700)]
api: Add support for "cgroup" controller in cgroup v2
The "cgroup" controller has settings that the user may want to
read/write, e.g. cgroup.controllers, cgroup.subtree_control,
cgroup.procs, etc.
Add support for this controller when the cgroup v2 mount table is
parsed by creating a custom controller for the "cgroup" settings.
Note that this feature has not been added to cgroup v1 and cgroup v1
will continue to have limited access to the cgroup.* files.
Reported-by: Justin Israel <justinisrael@gmail.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 14 Feb 2023 19:53:03 +0000 (12:53 -0700)]
api: Support specifying controllers in cgroup_get_cgroup()
Add support for the user to explicitly specify controllers of interest
when calling cgroup_get_cgroup(). Controllers not specified will not
be added to the struct cgroup. Also, this allows users to view cgroup
v2 controllers that aren't enabled. This may be useful for seeing
settings like cpuset.cpus.effective even when the cpuset controller
isn't enabled.
If no controllers are specified, then the previous behavior should be
utilized. All controllers that are enabled for that cgroup will be
added to the struct cgroup.
Here is a simple example python program that exercises these changes:
#!/usr/bin/env python3
from libcgroup import Cgroup, Version
Kamalesh Babulal [Fri, 17 Feb 2023 09:59:30 +0000 (09:59 +0000)]
tools/cgset: fix Uninitialized pointer read
Fix Uninitialized pointer read, reported by Coverity Tool:
CID 307779 (#2 of 2): Uninitialized pointer read (UNINIT)22.
uninit_use_in_call: Using uninitialized value src_cgroup when calling
cgroup_free.
In main(), src_cgrp points to a valid struct cgroup only when the
user calls cgxset using --copy-from flag, Coverity warns about the
freeing src_cgrp, which is uninitialized in the error path. This patch
initializes converted_src_cgroup, src_cgroup and cgroup uninitialized
pointers and checks is src_cgrp is valid pointer before passing it to
cgroup_free()
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 17 Feb 2023 09:54:50 +0000 (09:54 +0000)]
tools/cgset: fix Uninitialized pointers read
Fix Uninitialized pointer read, reported by Coverity Tool:
CID 307778 (#2 of 2): Uninitialized pointer read (UNINIT)22.
uninit_use_in_call: Using uninitialized value src_cgroup when calling
cgroup_free.
In main(), src_cgrp points to a valid struct cgroup only when the user
calls cgset using --copy-from flag, Coverity warns about the freeing
src_cgrp, which is uninitialized in the error path. This patch
initializes src_cgrp and cgroup uninitialized pointers and checks
is src_cgrp is valid pointer before passing it to cgroup_free()
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 13:36:48 +0000 (13:36 +0000)]
tests: Add a test for the python bindings to cgroup_set_default_systemd_cgroup
Add a test for the python bindings to cgroup_set_default_systemd_cgroup()
-----------------------------------------------------------------
Test Results:
Run Date: Feb 16 13:36:28
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-----------------------------------------------------
setup 0.00
071-sudo-set_default_systemd_cgroup.py 0.02
teardown 0.00
-----------------------------------------------------
Total Run Time 0.02
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Remove unnecessary int() typecast and add the test to Makefile.am
Kamalesh Babulal [Mon, 13 Feb 2023 06:49:59 +0000 (06:49 +0000)]
python: binding to read and set systemd_default_cgroup
Add an python binding that reads /run/libcgroup/systemd and if the file
exists, sets the systemd_default_cgroup. Then on all the paths
constructed, has the systemd_default_cgroup appended to it. This is
used when cgroup sub-tree is constructed for systemd delegation.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgexec's -b (systemd) option
Add documentation about the -b option in the cgexec's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgclassify's -b (systemd) option
Add documentation about the -b option in the cgclassify's man page.
This option ignores the default systemd delegated hierarchy path
and constructs the path of the control groups relative to the cgroup
root hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgcreate's -b (systemd) option
Add documentation about the -b option in the cgcreate's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgxset's -b (systemd) option
Add documentation about the -b option in the cgxset's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgxget's -b (systemd) option
Add documentation about the -b option in the cgxget's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgdelete's -b (systemd) option
Add documentation about the -b option in the cgdelete's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgset's -b (systemd) option
Add documentation about the -b option in the cgset's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Thu, 16 Feb 2023 12:08:54 +0000 (17:38 +0530)]
man: document cgget's -b (systemd) option
Add documentation about the -b option in the cgget's man page. This
option ignores the default systemd delegated hierarchy path and
constructs the path of the control groups relative to the cgroup root
hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Wed, 15 Feb 2023 19:05:06 +0000 (12:05 -0700)]
pybindings: Fix a build warning on Fedora
While building python bindings on Fedora 34, gcc 11.3.1 triggers a
build warning:
[1/1] Cythonizing libcgroup.pyx
In file included from /usr/include/bits/libc-header-start.h:33,
from /usr/include/limits.h:26,
from /usr/lib/gcc/x86_64-redhat-linux/11/include/limits.h:203,
from /usr/lib/gcc/x86_64-redhat-linux/11/include/syslimits.h:7,
from /usr/lib/gcc/x86_64-redhat-linux/11/include/limits.h:34,
from /usr/include/python3.9/Python.h:11,
from libcgroup.c:25:
/usr/include/features.h:397:4: warning: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp]
397 | # warning _FORTIFY_SOURCE requires compiling with optimization (-O)
| ^~~~~~~
the reason being the default compiler flags for c/c++ includes
'-Wp,-D_FORTIFY_SOURCE=2' and '-D_FORTIFY_SOURCE=2'. Whereas Ubuntu
compilers include '-D_FORTIFY_SOURCE=2' option only. This can be
fixed by adding '-O2' to the CPP Flags in the pybinding Makefile and
there is no side effect in both Fedora and Ubuntu because by default
'-D_FORTIFY_SOURCE=2' is included. The Ubuntu automatically auto
includes '-D_FORTIFY_SOURCE=2' when '-O2' is passed but here it's been
already explicitly passed.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:52:13 +0000 (07:52 +0000)]
ftests: Add a test to validate cgx{get,set} systemd options (cgroup v2)
Add a test case to validate cgx{get, set} tool's systemd options on
cgroup unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:15:40
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------------------
setup 0.00
070-sudo-systemd_cgxget-cpu-settings-v2.py 3.00
teardown 0.00
---------------------------------------------------------
Total Run Time
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:40:25 +0000 (07:40 +0000)]
ftests: Add a test to validate cgx{get,set} systemd options (cgroup v1)
Add a test case to validate cgx(get, set} tool's systemd options on
cgroup legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:09:43
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
---------------------------------------------------------
setup 0.00
069-sudo-systemd_cgxget-cpu-settings-v1.py 2.74
teardown 0.00
---------------------------------------------------------
Total Run Time 2.74
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:38:08 +0000 (07:38 +0000)]
ftests: Add a test to validate cgexec's systemd options (cgroup v2)
Add a test case to validate cgexec tool's systemd options on cgroup
unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 07:57:18
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------
setup 0.00
068-sudo-systemd_cgexec-v2.py 5.53
teardown 0.00
--------------------------------------------
Total Run Time 5.53
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:29:03 +0000 (07:29 +0000)]
ftests: Add a test to validate cgexec's systemd options (cgroup v1)
Add a test case to validate cgexec tool's systemd options on cgroup
legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 07:48:48
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------
setup 0.00
067-sudo-systemd_cgexec-v1.py 5.32
teardown 0.00
--------------------------------------------
Total Run Time 5.32
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 09:00:12 +0000 (14:30 +0530)]
ftests: Add a test to validate cgclassify's systemd options (cgroup v2)
Add a test case to validate cgclassify tool's systemd options on cgroup
unified mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 07:43:23
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
066-sudo-systemd_cgclassify-v2.py 7.57
teardown 0.00
------------------------------------------------
Total Run Time 7.57
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 07:49:16 +0000 (07:49 +0000)]
ftests: Add a test to validate cgclassify's systemd options (cgroup v1)
Add a test case to validate cgclassify tool's systemd options on cgroup
legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 06:51:38
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
065-sudo-systemd_cgclassify-v1.py 7.38
teardown 0.00
------------------------------------------------
Total Run Time 7.38
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:45:43 +0000 (06:45 +0000)]
ftests: Add to test to validate cgset's systemd options (cgroup v2)
Add a test case to validate cgset tool's systemd options on cgroup
unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 14:38:30
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------
setup 0.00
064-sudo-systemd_cgset-v2.py 2.33
teardown 0.00
-------------------------------------------
Total Run Time 2.33
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 10 Feb 2023 06:41:50 +0000 (06:41 +0000)]
ftests: Add to test to validate cgset's systemd options (cgroup v1)
Add a test case to validate cgset tool's systemd options on cgroup
legacy and hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 12:53:35
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------
setup 0.00
063-sudo-systemd_cgset-v1.py 2.20
teardown 0.00
-------------------------------------------
Total Run Time 2.20
[Kamalesh improvised on the original test case] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:37:07 +0000 (06:37 +0000)]
ftests: Add a test to validate cgget's systemd options (cgroup v2)
Add a test case to validate cgget tool's systemd options on cgroup
unified setup mode.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 12:00:26
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------------------
setup 0.00
062-sudo-g_flag_controller_only_systemd-v2.py 2.25
teardown 0.00
------------------------------------------------------------
Total Run Time 2.25
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 10 Feb 2023 06:31:16 +0000 (06:31 +0000)]
ftests: Add a test to validate cgget's systemd options (cgroup v1)
Add a test case to validate cgget tool's systemd options on cgroup
legacy/hybrid setup modes.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:42:19
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------------------
setup 0.00
061-sudo-g_flag_controller_only_systemd-v1.py 2.16
teardown 0.00
------------------------------------------------------------
Total Run Time 2.16
[Kamalesh improvised on the original test case] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:22:06 +0000 (06:22 +0000)]
ftests: Add a test to validate systemd configurations
Add a test case to parse test different combination of valid and invalid
systemd configurations.
-----------------------------------------------------------------
Test Results:
Run Date: Feb 05 08:33:41
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
-------------------------------------------------
setup 0.00
060-sudo-cgconfigparser-systemd.py 4.31
teardown 0.00
-------------------------------------------------
Total Run Time 4.31
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:39:11 +0000 (06:39 +0000)]
tests/systemd - Add more helpers for cgroup delegation
Add more helpers to work with systemd cgroup delegation, this patch
adds:
- remove_scope_slice_conf() to remove the cgconfig file created and
remove the scope cgroup and slice cgroups.
- write_config_with_pid() to write a cgconfig file with the systemd
configurations.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 06:02:42 +0000 (06:02 +0000)]
tests/cgroup - Add more helpers for cgroup delegation
Add more helpers to work with systemd cgroup delegation, this patch
adds:
- create_and_validate() to create cgroups and validate if they were
created under the delegate systemd subtree.
- exists() is called by create_and_validate() to perform the
validation part.
Suggested-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 2 Feb 2023 13:39:42 +0000 (13:39 +0000)]
ftests: Add ignore_systemd support to the CLI tools
Add ignore_systemd support (-b flag) to the CLI tools in the functional
tests, so that the functions calling the CLI tools are aware of the
delegated systemd subtree support in the tools and switch between cgroup
controllers root and systemd subtree using -b switch.
[Kamalesh extended the -b flags to some of the CLI tools] Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Fri, 10 Feb 2023 05:45:22 +0000 (05:45 +0000)]
tests/cgroup: Add None as controller get_controller_mount_point()
Cgroup hybrid/unified setup modes support creating cgroups without
attaching them to any controller. Enhance get_controller_mount_point()
to support 'None' as a valid controller and return a mount point.
Kamalesh Babulal [Tue, 31 Jan 2023 06:24:37 +0000 (06:24 +0000)]
tools/cgexec: add support for default systemd delegation slice/scope
Enhance the cgexec tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any, and
set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:43 +0000 (14:13 +0000)]
tools/cgclassify: add support for default systemd delegation slice/scope
Enhance the cgclassify tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if
any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:38 +0000 (14:13 +0000)]
tools/lscgroup: add support for default systemd delegation slice/scope
Enhance the lscgroup tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if
any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:35 +0000 (14:13 +0000)]
tools/cgcreate: add support for default systemd delegation slice/scope
Enhance the cgcreate tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if
any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope
name to the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
create a cgroup in another subtree or cgroup root hierarchy, they need
to use the absolute path. For example:
tools/cgxset add support for default systemd delegation slice/scope
Enhance the cgxset tool to support default systemd delegation slice/scope,
if set in the cgconfig.conf's systemd setting. Parse the configuration
file and read the systemd::delegate setting, if any, and set it as
the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to set
controller::value in a cgroup under another subtree or cgroup root
hierarchy, they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
tools/cgxget: add support for default systemd delegation slice/scope
Enhance the cgxget tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any, and
set it as the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to get
details about the cgroups in another subtree or cgroup root hierarchy,
they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
$ sudo cgxget -1 -r cpu.shares cgrp-d1
will display the cpu controller information under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for viewing the cpu controller information of cgrp1, the user
can use:
$ sudo cgxget -1 -r cpu.shares /cgrp1
or use the newly introduced -b switch to ignore the systemd
slice/scope:
$ sudo cgxget -b -1 -r cpu.shares /cgrp1
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor typo in a comment where delegate was written instead
of setdefault
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:27 +0000 (14:13 +0000)]
tools/cgdelete: add support for default systemd delegation slice/scope
Enhance the cgdelete tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any,
and set it as the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to
delete the cgroups in another subtree or cgroup root hierarchy, they
need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
$ sudo cgdelete -g cpu:cgrp-d1
will delete the cgroup cgrp-d1 under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for deleting the cgroup cgrp1, the user can use:
$ sudo cgdelete -g cpu:/cgrp1
or use the newly introduced -b switch to ignore the systemd slice/scope:
$ sudo cgdelete -b -g cpu:cgrp1
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:25 +0000 (14:13 +0000)]
tools/cgset: add support for default systemd delegation slice/scope
Enhance the cgset tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting. Parse the
configuration file and read the systemd::delegate setting, if any,
and set it as the default systemd slice/scope in systemd_default_cgroup.
Setting it appends the slice/scope name to the constructed default cgroup
mount path.
When the user passes the relative cgroup name, it appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to set
controller::value in a cgroup under another subtree or cgroup root
hierarchy, they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice* cgrp1
|
systemd.scope
|
cgrp-d1
* default system delegation slice/scope - read from cgconfig.conf
$ sudo ./src/tools/cgset -r cpu.weight=99 cgrp-d1
will set the cpu controller::cpu.weight setting under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for setting the cpu controller information of cgrp1, the user can
use:
$ sudo ./src/tools/cgset -r cpu.weight=99 /cgrp1
or use the newly introduced -b switch to ignore the systemd slice/scope:
$ sudo ./src/tools/cgset -b -r cpu.weight=99 cgrp1
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:23 +0000 (14:13 +0000)]
tools/cgget: add support for default systemd delegation slice/scope
Enhance the cgget tool to support default systemd delegation
slice/scope, if set in the cgconfig.conf's systemd setting.
Parse the configuration file and read the systemd::delegate setting,
if any, and set it as the default systemd slice/scope in
systemd_default_cgroup. Setting it appends the slice/scope name to
the constructed default cgroup mount path.
When the user passes the relative cgroup name, its appends to the
sub-tree (delegated slice/scope) by default and if the user wishes to get
details about the cgroups in another subtree or cgroup root hierarchy,
they need to use the absolute path. For example:
cgroup_root
/ \
/ \
systemd.slice[1] cgrp1
|
systemd.scope
|
cgrp-d1
[1] default systemd delegation slice/scope - read from cgconfig.conf
$ sudo cgget -g cpu:cgrp-d1
will display the CPU controller information under the
cgroup_root:systemd_default_cgroup:cgrp-d1
and for viewing the CPU controller information of cgrp1, the user can
use:
$ sudo cgget -g cpu:/cgrp1
or use the newly introduced -b switch to ignore the systemd slice/scope:
$ sudo cgget -b -g cpu:cgrp
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor typo in a comment where delegate was written instead
of setdefault
Kamalesh Babulal [Tue, 10 Jan 2023 14:13:22 +0000 (14:13 +0000)]
tools/Makefile: add WITH_SYSTEMD CFLAGS
Introduce EXTRA_CFLAGS, "-DWITH_SYSTEMD" that will get passed to tools
and depending upon the configure options, enable and disable the systemd
support.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Introduce an API cgroup_set_default_systemd_cgroup(), that reads the
systemd_default_cgroup_file, if exists, and only sets the
systemd_default_cgroup path if both of the following conditions are met:
1. The minimum length of the default slice/scope read is 15
characters, because at the minimum it should be <n>.slice/<n>.scope.
2. Checks if the /sys/fs/cgroup/<systemd_default_cgroup> cgroup exists
and if it doesn't, it also deletes the systemd_default_cgroup_file
(/var/run/libcgroup/systemd) file.
this will be used by the tools and can be used by any applications
to set the default cgroup tree to systemd_default_cgroup after loading
the cgconfig.conf file(s).
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
samples/config: add a sample systemd delegation configuration
Add a sample cgconfig.conf configuration file, that serves as a template
for systemd delegation and how users can control the resources limit
allocation such as cpu, memory, or any other valid cgroup settings for
the systemd slice/scope cgroup created.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
cg_build_path() constructs the cgroup path to the mount point of the
given cgroup controller. With the support for the default systemd scope,
the default cgroup path for the controller, appends the slice/scope
name, making it the default cgroup root.
Allowing the users to set their default cgroup path from
'/sys/fs/cgroup/' to
'/sys/fs/cgroup/<systemd slice name>/<systemd scope name>/', while
using the libcgroup tools, allowing them to work on the delegated
cgroup hierarchy.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
config: Support systemd's slice/scope creation/delegation using configuration
Add support for the creation of systemd slices and scopes (transient).
Users can create a systemd slice and scope using the new setting
'systemd' in the cgconfig.conf.
systemd configuration requires two mandatory settings, slice and scope,
those represent the systemd slice and scope name and other optional
settings are 'setdefault', that allows the users to append one of the
systemd slice/scope name to as default cgroup root, making the delegated
subtree as the new cgroup root, i.e., the default cgroup path is
changed to '/sys/fs/cgroup/database.slice/db.scope/' from
'/sys/fs/cgroup/', this is useful to the libcgroup tools, where users
can work on new subtree hierarchy, they created and other optional
setting is pid, which can be used as the default task for transient
scope, created by us, by default a task that spins an idle loop is
created and set as default task.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Fix minor typos in a couple comments where delegate was written
instead of setdefault
TJH: Explicitly initialize the list head and tail to NULL. May not be
needed but better safe than sorry
api.c: cg_build_path_locked() - work around snprintf() warnings
Recent gcc are unhappy when sizeof(dest) <= sizeof(src) with
snprintf()'s. We could need too many strncpy()'s and strcat()'s for
constructing file path, so let's workaround it by allocating long
enough space for keeping snprintf() happy and then use the temporarily
allocated array and use it as src for strncpy() with limit of
FILENAME_MAX.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 7 Feb 2023 23:28:50 +0000 (16:28 -0700)]
github: Add dependency checker action
Add an action, dependabot, that will periodically check GitHub Actions
dependencies. It is currently configured to run weekly. If dependabot
finds an update, it will open a pull request.
See here for more details:
https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Tue, 7 Feb 2023 23:27:11 +0000 (16:27 -0700)]
github: README: Update code quality analysis
LGTM code quality analysis is deprecated [1] and no longer generates
code quality information. Remove the LGTM badge and replace it with
a CodeQL badge. To facilitate this, move the CodeQL workflow into its
own workflow so that its status can be reported separately from the
automated tests.
tests/gunit: Extend the fuzzer to test cgroup_new_cgroup()
Add fuzzing to the cgroup_new_cgroup() API, by passing NULL as cgroup
name.
[----------] 2 tests from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[ RUN ] APIArgsTest.API_cgroup_new_cgroup
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 2 Feb 2023 15:10:19 +0000 (08:10 -0700)]
github: Update actions to remove warnings
Update the setup-python action to v4 and the upload-artifact
action to v3. This should remove the following warnings:
Node.js 12 actions are deprecated. Please update the following
actions to use Node.js 16: actions/setup-python@v2. For more
information see:
https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.
Node.js 12 actions are deprecated. Please update the following
actions to use Node.js 16: actions/upload-artifact@v2,
coverallsapp/github-action@master. For more information see:
https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Thu, 2 Feb 2023 15:09:52 +0000 (08:09 -0700)]
github: Update to checkout@v3
Update the checkout action to v3. This is to appease the
following warning:
Node.js 12 actions are deprecated. Please update the
following actions to use Node.js 16: actions/checkout@v2,
actions/setup-python@v2. For more information see:
https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Kamalesh Babulal [Tue, 31 Jan 2023 18:27:22 +0000 (11:27 -0700)]
tests/gunit: Add a simple fuzzer
Add a simple fuzzing test case that would exercise API's unlikely code
paths by passing NULL/negative values as arguments.
Output:
--------
[...]
[----------] 1 test from APIArgsTest
[ RUN ] APIArgsTest.API_cgroup_set_permissions
[ OK ] APIArgsTest.API_cgroup_set_permissions (0 ms)
[----------] 1 test from APIArgsTest (0 ms total)
to begin with, it exercises cgroup_set_permissions() by passing a NULL
pointer in place of struct cgroup. This test case will be extended to
cover almost all APIs.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Kamalesh Babulal [Tue, 31 Jan 2023 18:27:06 +0000 (11:27 -0700)]
api: fix segfault in cgroup_set_permissions()
In cgroup_set_permissions(), we don't validate the cgroup and a NULL may
be passed to it in place of the cgroup, causing a segfault, when the
NULL pointer is dereferenced to set the permissions. This patch
introduces a check to validate the cgroup argument.
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:48:49 +0000 (13:48 -0700)]
github: Roll back distcheck and v1 functests to Ubuntu 20.04
Ubuntu 22.04 VMs hosted by Github cannot find the LXD package.
Revert back to Ubuntu 20.04 for the Dist Check and the v1
Functional Test jobs until Github gets this sorted out.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:48:31 +0000 (13:48 -0700)]
ftests: Add a test to exercise invalid systemd parameters
Add a test that exercises invalid parameters to
cgroup_create_scope2().
-----------------------------------------------------------------
Test Results:
Run Date: Jan 25 09:32:58
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
--------------------------------------------------------
setup 0.00
059-sudo-invalid_systemd_create_scope2.py 0.00
teardown 0.00
--------------------------------------------------------
Total Run Time 0.00
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Tom Hromatka [Fri, 27 Jan 2023 20:46:27 +0000 (13:46 -0700)]
ftests: Add a test for creating a systemd scope
Add a test to exercise cgroup_create_scope2().
-----------------------------------------------------------------
Test Results:
Run Date: Nov 18 16:12:16
Passed: 1 test(s)
Skipped: 0 test(s)
Failed: 0 test(s)
-----------------------------------------------------------------
Timing Results:
Test Time (sec)
------------------------------------------------
setup 0.00
058-sudo-systemd_create_scope2.py 2.05
teardown 0.00
------------------------------------------------
Total Run Time 2.05
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
projects / thirdparty / libcgroup.git / log
