Tom Hromatka [Tue, 23 Feb 2021 20:47:38 +0000 (13:47 -0700)]
api.c: Fix erroneous error handling in cgroup_set_values_recursive()
Ignore the positive length returned by asprintf() and only act
upon the error code returned from cg_set_control_value(). Previously
cgroup_set_values_recursive() mishandled the error handling when
the value's dirty flag was set.
Reported-by: Bharani viswas <bharani.viswas@gmail.com> Fixes: 092e4aeb0416f ("api.c: Refactor duplicate logic in cgroup modify and create") Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 17 Dec 2020 18:39:11 +0000 (11:39 -0700)]
cgsnapshot: Replace hardcoded "tasks" file
Replace the hardcoded building of the tasks path in
cgsnapshot with a call to cgroup_build_tasks_procs_path().
By calling cgroup_build_tasks_procs_path(), cgsnapshot
now supports both cgroup v1 and cgroup v2.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Thu, 17 Dec 2020 18:24:13 +0000 (11:24 -0700)]
github: Display ftests.sh.log in the CI GUI
Now that we invoke ftests.sh in the functional tests'
Makefile.am, test-suite.log isn't that useful. Display
ftests.sh.log in the Github Actions GUI since
ftests.sh.log contains pass/fail info for each test.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 17 Dec 2020 15:03:32 +0000 (08:03 -0700)]
github: Improve logging and reporting
Display the high-level log, test-suite.log, in
the github work for all jobs. Also, archive the
functional test logs to facilitate debugging a
failed run.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 15 Dec 2020 22:11:01 +0000 (15:11 -0700)]
README.md: Update the coveralls badge
The coveralls.io badge wasn't consistently updating
after a successful run. Remove the "?branch=master"
parameter and switch to using a png rather than an
svg.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Add a Github Actions continuous integration workflow. This
workflow runs the unit tests, the cgroup v1 functional tests,
and the cgroup v2 functional tests. The code coverage results
from all of the runs are collated at coveralls.io.
Like Travis CI, Github Actions currently does not provide a
distro that natively runs cgroup v2. (And it also doesn't
expose the kernel boot command line.) So, like our previous
Travis CI solution, unmount the cpuset controller and enable
it in cgroup v2.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 15 Dec 2020 20:45:46 +0000 (13:45 -0700)]
github: Add a Github Action to setup the libcgroup directory
Add a Github Action to setup the libcgroup directory.
This action installs the required dependencies, run
bootstrap.sh, runs configure, and invokes make.
Since the action is invoked locally (and not via Github
Action's published action mechanism), the repository must
be git cloned prior to running this action.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 28 Oct 2020 14:57:09 +0000 (14:57 +0000)]
travis: Add test job on cgroup v2 Ubuntu 20.04
Add a test job on Ubuntu 20.04. Prior to running the tests, unmount
the cpuset cgroup controller and enable it in the cgroup v2 unified
hierarchy. Once each job is complete, it notifies coveralls via a
REST call.
Unfortunately, Travis CI doesn't provide a cgroup v2 system image
and also doesn't allow us to modify the kernel boot parameters.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 15 Oct 2020 21:58:19 +0000 (15:58 -0600)]
api.c: Replace hardcoded "/tasks" in delete functions
Replace the hardcoded building of the tasks path in
cg_delete_cgroup_controller() and cgroup_delete_cgroup_ext()
with a call to cgroup_build_tasks_procs_path(). By calling
cgroup_build_tasks_procs_path(), both delete functions now
support cgroup v1 and v2.
cgdelete now supports cgroup v2.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 23 Sep 2020 16:41:32 +0000 (10:41 -0600)]
api.c: Verify if a controller is enabled for a v2 cgroup
Add a function, cgroupv2_controller_enabled(), that checks if the
requested cgroup v2 controller can be used for the specified path.
Again, in cgroup v2, to use a controller, it must be added to the
parent cgroup's cgroup.subtree_control file.
This check is required to ensure that the cgexec and cgclassify
operations will succeed. And with this commit, cgexec and cgclassify
work on both cgroup v1 and cgroup v2 hierarchies.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 23 Sep 2020 16:41:00 +0000 (10:41 -0600)]
api.c: Add function to read the cgroup.subtree_control file
Add a function, cgroupv2_get_subtree_control(), that verifies
if a controller is enabled in the cgroup.subtree_control file
for the requested path.
This function will be used in the next commit - "api.c: Add function
to check if a controller is enabled for a cgroup v2 cgroup" - to
determine if the requested cgroup v2 controller is enabled for a
cgroup. This is a required check to ensure that the
cgclassify/cgexec operation will succeed.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 23 Sep 2020 16:39:33 +0000 (10:39 -0600)]
api.c: Add function to build tasks/procs path
Replace the inline logic in multiple functions that concatenates
the path and cgroup v1 tasks file with a function -
cgroup_build_tasks_procs_path() - that works for both cgroup v1
and v2. In the v1 case, it appends tasks, and in the v2 case, it
appends cgroup.procs.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 29 Jul 2020 16:52:49 +0000 (16:52 +0000)]
api.c: Add cgroup v2 support to cgroup_create_cgroup()
This commit adds cgroup v2 support go cgroup_create_cgroup().
If the controller is mounted via cgroup v2, then the
subtree_control file in the parent directory will be updated
to enable the controller in children cgroups. The tasks
file is only updated for cgroup v1 mounts.
Here's an example of creating a cgroup hierarchy in a single command:
sudo cgcreate -g io:a/b/c/d
The above cgcreate example is equivalent to:
mkdir -p {root_cg}/a/b/c/d
echo +io > {root_cg}/cgroup.subtree_control
echo +io > {root_cg}/a/cgroup.subtree_control
echo +io > {root_cg}/a/b/cgroup.subtree_control
echo +io > {root_cg}/a/b/c/cgroup.subtree_control
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 29 Jul 2020 16:46:44 +0000 (16:46 +0000)]
api.c: Add function to recursively manage the cgroup v2 subtree
This commit adds the function cgroupv2_subtree_control_recursive().
cgroupv2_subtree_control_recursive() creates a cgroup hierarchy with
the subtree_control enabled in each parent cgroup for the requested
cgroup controller.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 16 Jul 2020 20:26:49 +0000 (14:26 -0600)]
api.c: Add function to manage the cgroup v2 subtree_control file
This commit adds the function cgroupv2_subtree_control().
cgroupv2_subtree_control() can be used to enable or disable a
controller in the subtree_control file. The equivalent command
line is:
echo +{ctrl_name} > {path}/cgroup.subtree_control
echo -{ctrl_name} > {path}/cgroup.subtree_control
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 15 Jul 2020 18:44:20 +0000 (12:44 -0600)]
api.c: Refactor tasks file permissions code into its own function
Within cgroup_create_cgroup(), there was a block of code to set the
owner, group, and file permissions on the cgroup v1 tasks file. This
commit moves that logic into its own function -
cgroup_chown_chmod_tasks().
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 15 Jul 2020 17:06:47 +0000 (11:06 -0600)]
api.c: Refactor duplicate logic in cgroup modify and create
cgroup_modify_cgroup() and cgroup_create_cgroup() have nearly
identical logic to walk the settings beneath the controller
and update them. This commit refactors the duplicate logic in
these two functions into one location - cgroup_set_values_recursive().
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Wed, 15 Jul 2020 18:06:15 +0000 (12:06 -0600)]
travis: Show the gunit log on failure
When a failure occurs in TravisCI, we currently show only the
test-suite.log from the functional tests. This commit also displays
the googletest test-suite.log.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Koji Builder [Sat, 11 Jul 2020 15:22:48 +0000 (16:22 +0100)]
Paralell build fix #7
All source soce files which first needs to be generated needs to be listed in
BUILT_SOURCES.
This patch adds to that automake variable parse.c and parse.h because they are
listed below in libcgroup_la_SOURCES.
Documentetion of the BUILT_SOURCES is on:
https://www.gnu.org/software/automake/manual/html_node/Sources.html
Reported-by: Tomasz Kłoczko <kloczek@giithub.com> Signed-off-by: Tomasz Kłoczko <kloczek@giithub.com>
Tom Hromatka [Mon, 11 May 2020 02:09:44 +0000 (02:09 +0000)]
api.c: cgget: cgset: Add cgroup v2 support
This commit adds cgroup v2 support to cgroup_init(). With these
changes, cgget and cgset now work on a cgroup v1 mount, a cgroup
v2 mount, or a cgroup v2 unified mount hierarchy.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 11 May 2020 02:20:40 +0000 (02:20 +0000)]
api.c: Add support for cgroup v2 to cg_test_mounted_fs()
This commit adds a string comparison of "cgroup2" to
cg_test_mounted_fs(). This allows cgroup v2 mounts to pass the
filesystem check and thus cgroups can be created.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Acked-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Mon, 11 May 2020 02:00:37 +0000 (02:00 +0000)]
api.c: Refactor cgroup v1 logic in cgroup_init()
In preparation for adding support for cgroup v2, this commit
moves the cgroup v1 mount logic out of cgroup_init() and into
its own function. No functional changes were made.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Acked-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Tue, 7 Apr 2020 14:08:25 +0000 (08:08 -0600)]
tests: Remove the tests folder from this git repo
The test code has been moved to a separate git repo,
libcgroup-tests. But before that repo can be added as a
submodule, the tests directory must first be deleted from
this repo.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 6 Apr 2020 14:43:43 +0000 (08:43 -0600)]
tests: Remove the tests folder from this git repo
The test code has been moved to a separate git repo,
libcgroup-tests. Before we can add that repo as a submodule,
we must first delete the tests directory.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Nikola Forró [Thu, 16 Jan 2020 17:43:54 +0000 (18:43 +0100)]
Increase maximal size of controller values
Maximal length of a controller value is determined by CG_VALUE_MAX,
which is equal to 100. That is not sufficient in some cases.
Add new constant CG_CONTROL_VALUE_MAX (to prevent breaking current API)
and set it to 4096, which is usually equal to the amount of bytes that
can be written to a sysctl file directly.
Add warning message about exceeding the limit while parsing
configuration file.
Signed-off-by: Nikola Forró <nforro@redhat.com> Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Nikola Forró [Thu, 16 Jan 2020 17:43:51 +0000 (18:43 +0100)]
api.c: Preserve dirty flag when copying controller values
When setting cgroup parameters with cgset fails, no error is reported.
This is caused by the fact that cgroup_copy_controller_values is not
preserving dirty flags of the values, so it's making all errors
considered non-fatal.
Signed-off-by: Nikola Forró <nforro@redhat.com> Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Nikola Forró [Thu, 16 Jan 2020 17:43:50 +0000 (18:43 +0100)]
api.c: Fix potential buffer overflow
It is assumed that arguments read from /proc/<pid>/cmdline don't exceed
buf_pname buffer size, which is FILENAME_MAX - 1 characters, but that's
not always the case.
Add check to prevent buffer overflow and discard the excessive part of
an argument.
Signed-off-by: Nikola Forró <nforro@redhat.com> Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Nikola Forró [Thu, 16 Jan 2020 17:43:49 +0000 (18:43 +0100)]
api.c: Fix order of memory subsystem parameters generated by cgsnapshot
Order of parameters usually doesn't matter, but that's not the case with
memory.limit_in_bytes and memory.memsw.limit_in_bytes. When the latter
is first in the list of parameters, the resulting configuration is not
loadable with cgconfigparser.
This happens because when a cgroup is created, both memory.limit_in_bytes
and memory.memsw.limit_in_bytes parameters are initialized to highest
value possible (RESOURCE_MAX). And because memory.memsw.limit_in_bytes
must be always higher or equal to memory.limit_in_bytes, it's impossible
to change its value first.
Make sure that after constructing parameter list of memory subsystem,
the mentioned parameters are in correct order.
Signed-off-by: Nikola Forró <nforro@redhat.com> Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 13 Jan 2020 23:34:56 +0000 (23:34 +0000)]
tests: Fix test failure on Fedora 30
Unit test 004-cgroup_compare_ignore_rule.cpp segfaults on
test CgroupCompareIgnoreRuleTest.CombinedControllers(). This
is due to rule.procname being uninitialized. This commit
initializes the entire rule structure to zero.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 13 Jan 2020 23:31:20 +0000 (23:31 +0000)]
autotools: gtest: Distribute the googletest *.so files
googletest strongly recommends that their library is
rebuilt on each platform, but this runs counter to a
tagged release of code that utilizes gtest. This commit
enables `make dist` to bundle the googletest *.so files
into the resultant zip file.
Note that these googletest *.so files are dependent upon
a certain version of glibc (and other libraries) and may
not work on distros with very old versions of those
tools.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Fri, 10 Jan 2020 22:46:26 +0000 (22:46 +0000)]
gtest: Cleanup gtest make targets
Prior to this commit the unit test map file was being
included in the source directory. It has now been moved
to the tests/gunit directory. This commit also properly
connects the tests/gunit Makefile to the googletest *.la
so that a recompile of googletest is not required.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Fri, 10 Jan 2020 22:44:04 +0000 (22:44 +0000)]
bootstrap: Actually build gtest
googletest should be entirely compiled into an *.la
prior to ./configure. The *.la should be added as
an extra distribution item to the dist tarball. This
will make it so that the distribution vendors do not
need to rebuild googletest.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Reviewed-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Tue, 7 Jan 2020 19:31:45 +0000 (12:31 -0700)]
wrapper.c: Fix potentially unterminated strings
This commit fixes two adjacent strncpys that could result
in unterminated strings:
CID 1412144 (#2 of 2): Buffer not null terminated
(BUFFER_SIZE_WARNING)13. buffer_size_warning: Calling strncpy with a
maximum size argument of 100 bytes on destination array
cntl_value->value of size 100 bytes might leave the destination string
unterminated.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 7 Jan 2020 18:53:23 +0000 (11:53 -0700)]
wrapper.c: Fix buffer not null terminated Coverity warning
This patch fixes the following Coverity warning:
CID 1412155 (#1 of 1): Buffer not null terminated
(BUFFER_SIZE_WARNING)4. buffer_size_warning: Calling strncpy with a
maximum size argument of 100 bytes on destination array val->value of
size 100 bytes might leave the destination string unterminated.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 7 Jan 2020 15:03:49 +0000 (08:03 -0700)]
config.c: Silence Coverity warning about unterminated string
This commit silences the following Coverity warning:
CID 1412118 (#1 of 1): Buffer not null terminated
(BUFFER_SIZE_WARNING)6. buffer_size_warning: Calling strncpy with a
maximum size argument of 4096 bytes on destination array mount->name of
size 4096 bytes might leave the destination string unterminated.
Note that there are several areas (including this piece of code)
in libcgroup that do not gracefully handle string truncation. That
will be addressed in future patches.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Tue, 7 Jan 2020 14:22:14 +0000 (07:22 -0700)]
config.c: Fix Coverity warning about uninitialized pointer read
This commit resolves the following warning from Coverity:
CID 1412139 (#1 of 1): Uninitialized pointer read (UNINIT)5.
uninit_use_in_call: Using uninitialized value ctrl_handle when calling
cgroup_get_controller_end.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Sun, 5 Jan 2020 22:26:47 +0000 (15:26 -0700)]
api.c: Fix string truncation warning
This commit fixes this warning in api.c:
api.c: In function ‘cgroup_delete_cgroup_ext’:
api.c:2285:51: warning: ‘snprintf’ output may be truncated before the
last format character [-Wformat-truncation=]
2285 | snprintf(child_name, sizeof(child_name), "%s/%s",
| ^
api.c:2285:4: note: ‘snprintf’ output 2 or more bytes (assuming 4097)
into a destination of size 4096
2285 | snprintf(child_name, sizeof(child_name), "%s/%s",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2286 | cgroup_name,
| ~~~~~~~~~~~~
2287 | info.full_path + group_len);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Sun, 5 Jan 2020 22:17:09 +0000 (15:17 -0700)]
api.c: Fix string truncation warning
This commit fixes this warning in api.c:
api.c: In function ‘cgroup_read_value_begin’:
api.c:4114:47: warning: ‘snprintf’ output may be truncated before the
last format character [-Wformat-truncation=]
4114 | snprintf(stat_file, sizeof(stat_file), "%s/%s", stat_path,
| ^
api.c:4114:2: note: ‘snprintf’ output 2 or more bytes (assuming 4097)
into a destination of size 4096
4114 | snprintf(stat_file, sizeof(stat_file), "%s/%s", stat_path,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4115 | name);
| ~~~~~
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Sun, 5 Jan 2020 22:13:51 +0000 (15:13 -0700)]
api.c: Fix string truncation warning
This commit fixes this warning in api.c:
api.c: In function ‘cgroup_read_stats_begin’:
api.c:4189:47: warning: ‘.stat’ directive output may be truncated
writing 5 bytes into a region of size between 0 and 4095
[-Wformat-truncation=]
4189 | snprintf(stat_file, sizeof(stat_file), "%s/%s.stat", stat_path,
| ^~~~~
api.c:4189:2: note: ‘snprintf’ output 7 or more bytes (assuming 4102)
into a destination of size 4096
4189 | snprintf(stat_file, sizeof(stat_file), "%s/%s.stat", stat_path,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4190 | controller);
| ~~~~~~~~~~~
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Sun, 5 Jan 2020 22:46:02 +0000 (15:46 -0700)]
cgrulesengd: Fix improper indentation warning
This commit fixes the following warning:
cgrulesengd.c: In function ‘cgre_parse_syslog_facility’:
cgrulesengd.c:1015:5: warning: this ‘if’ clause does not guard...
[-Wmisleading-indentation]
1015 | if (strlen(arg) > 1)
| ^~
cgrulesengd.c:1018:2: note: ...this statement, but the latter is
misleadingly indented as if it were guarded by the ‘if’
1018 | switch (arg[0]) {
| ^~~~~~
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Nikola Forró [Mon, 6 Jan 2020 16:09:30 +0000 (09:09 -0700)]
parse.y: Fix type declaration for group_name
The group_name grammar rule was incorrectly defined as
returning a type<val> which is an int. It actually returns
a type<name> which is a char *.
Having group_name declared as val (int) and assigning a char * value
to it can lead to crashes on platforms where pointer size exceeds
size of int.
On newer versions of Bison, this bug led to the following
warnings during compilation:
parse.y: In function ‘yyparse’:
parse.y:106:56: warning: passing argument 1 of
‘cgroup_config_insert_cgroup’ makes pointer from integer
without a cast [-Wint-conversion]
106 | $$ = cgroup_config_insert_cgroup($2);
| ^
| |
| int
In file included from parse.y:21:
./libcgroup-internal.h:231:39: note: expected ‘char *’ but argument is
of type ‘int’
231 | int cgroup_config_insert_cgroup(char *cg_name);
| ~~~~~~^~~~~~~
parse.y:125:15: warning: assignment to ‘int’ from ‘char *’ makes integer
from pointer without a cast [-Wint-conversion]
125 | $$ = $1;
| ^
parse.y:129:15: warning: assignment to ‘int’ from ‘char *’ makes integer
from pointer without a cast [-Wint-conversion]
129 | $$ = $1;
| ^
parse.y: In function ‘yyparse’:
parse.y:106:56: warning: passing argument 1 of
‘cgroup_config_insert_cgroup’ makes pointer from integer without a cast
[-Wint-conversion]
106 | $$ = cgroup_config_insert_cgroup($2);
| ^
| |
| int
In file included from parse.y:21:
./libcgroup-internal.h:231:39: note: expected ‘char *’ but argument is
of type ‘int’
231 | int cgroup_config_insert_cgroup(char *cg_name);
| ~~~~~~^~~~~~~
parse.y:125:15: warning: assignment to ‘int’ from ‘char *’ makes integer
from pointer without a cast [-Wint-conversion]
125 | $$ = $1;
| ^
parse.y:129:15: warning: assignment to ‘int’ from ‘char *’ makes integer
from pointer without a cast [-Wint-conversion]
129 | $$ = $1;
| ^
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Nikola Forró <nforro@redhat.com> Acked-by: Michal Koutný <mkoutny@suse.com>
Tom Hromatka [Wed, 20 Nov 2019 17:09:33 +0000 (17:09 +0000)]
tests: Add unit tests for cgroup_compare_wildcard_procname()
This commit adds unit tests for cgroup_compare_wildcard_procname().
The following tests are included in this commit:
WildcardProcnameSimpleMatch - Compares an ignore rule with a
wildcarded procname with a matching procname. Expects true.
WildcardProcnameNoMatch - Compares an ignore rule with a wildcarded
procname with a process that has a non-matching name. Expects
false.
ProcnameWildcard_AsteriskNoMatch - Compares a wildcard rule with
a process name that doesn't match. Expects false.
ProcnameWildcard_AsteriskMatch - Compares a wildcard rule with
a process name that does match the rule. Expects true.
ProcnameWildcard_AsteriskNoMatch2 - Compares a wildcard rule
with a process name that is shorter than the rule and thus
does not match. Expects false.
ProcnameWildcard_AsteriskMatchExactly - Compares a wildcard
rule with a process name that matches the rule exactly.
Expects true.
ProcnameWildcard_NoAsteriskMatchExactly - Compares a rule
with no wildcards with a process name that exactly matches
the rule. Expects false as the function exits early due
to no asterisk in the rule.
The results from googletest are reported below:
[----------] 13 tests from CgroupCompareIgnoreRuleTest
<snip>
[ RUN ] CgroupCompareIgnoreRuleTest.WildcardProcnameSimpleMatch
[ OK ] CgroupCompareIgnoreRuleTest.WildcardProcnameSimpleMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.WildcardProcnameNoMatch
[ OK ] CgroupCompareIgnoreRuleTest.WildcardProcnameNoMatch (0 ms)
[----------] 13 tests from CgroupCompareIgnoreRuleTest (1 ms total)
[----------] 7 tests from ProcnameWildcardTest
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_NoAsterisk
[ OK ] ProcnameWildcardTest.ProcnameWildcard_NoAsterisk (0 ms)
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_AsteriskNoMatch
[ OK ] ProcnameWildcardTest.ProcnameWildcard_AsteriskNoMatch (0 ms)
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_AsteriskMatch
[ OK ] ProcnameWildcardTest.ProcnameWildcard_AsteriskMatch (0 ms)
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_AsteriskNoMatch2
[ OK ] ProcnameWildcardTest.ProcnameWildcard_AsteriskNoMatch2 (0 ms)
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_AsteriskMatchExactly
[ OK ] ProcnameWildcardTest.ProcnameWildcard_AsteriskMatchExactly (0 ms)
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_NoAsteriskMatchExactly
[ OK ] ProcnameWildcardTest.ProcnameWildcard_NoAsteriskMatchExactly (0 ms)
[ RUN ] ProcnameWildcardTest.ProcnameWildcard_AsteriskFirstChar
[ OK ] ProcnameWildcardTest.ProcnameWildcard_AsteriskFirstChar (0 ms)
[----------] 7 tests from ProcnameWildcardTest (0 ms total)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:20:01 +0000 (23:20 +0000)]
tests: Add unit tests for cgroup_compare_ignore_rule()
The following tests are in this commit:
NotAnIgnore() - Test that non-ignore rules are not processed
SimpleMatch() - Test that an ignore rule with a matching cgroup
and controller match
CgroupsDontMatch() - Test that cgroups with similar but not matching
names do not match
ControllersDontMatch() - Test that controllers with non-matching
names do not match
CombinedControllers() - Test that controllers that have been mounted
on the same path, e.g. cpu,cpuacct, can be matched by a rule
MatchChildFolder() - Compares a rule with a single-level hierarchy
with a rule that matches that hierarchy
MatchGrandchildFolder() - Compares a rule with a multi-level hierarchy
with a process that matches that hierachy
MatchSimilarChildFolder() - Compares a child folder that is similar
to the rule. This mimics a misconfiguration that a user could
make
RealWorldMatch() - Test that a realistic cgroup proc file matches
a new process
RealWorldNoMatch() - Test that a realistic cgroup proc file will
not match a new process
SimilarFolderNoMatch() - Compares a rule with a folder name that
is similar to the process' cgroup, but not a match
RootDestinationMatch() - Compares a rule with the root as the
destination and a process also running in the root cgroup
RootDestinationNoMatch() - Compares a rule with the root as the
destination and a process in another cgroup folder
The results from googletest are reported below:
[----------] 13 tests from CgroupCompareIgnoreRuleTest
[ RUN ] CgroupCompareIgnoreRuleTest.NotAnIgnore
[ OK ] CgroupCompareIgnoreRuleTest.NotAnIgnore (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.SimpleMatch
[ OK ] CgroupCompareIgnoreRuleTest.SimpleMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.CgroupsDontMatch
[ OK ] CgroupCompareIgnoreRuleTest.CgroupsDontMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.ControllersDontMatch
[ OK ] CgroupCompareIgnoreRuleTest.ControllersDontMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.CombinedControllers
[ OK ] CgroupCompareIgnoreRuleTest.CombinedControllers (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.MatchChildFolder
[ OK ] CgroupCompareIgnoreRuleTest.MatchChildFolder (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.MatchGrandchildFolder
[ OK ] CgroupCompareIgnoreRuleTest.MatchGrandchildFolder (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.MatchSimilarChildFolder
[ OK ] CgroupCompareIgnoreRuleTest.MatchSimilarChildFolder (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.RealWorldMatch
[ OK ] CgroupCompareIgnoreRuleTest.RealWorldMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.RealWorldNoMatch
[ OK ] CgroupCompareIgnoreRuleTest.RealWorldNoMatch (1 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.SimilarFolderNoMatch
[ OK ] CgroupCompareIgnoreRuleTest.SimilarFolderNoMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.RootDestinationMatch
[ OK ] CgroupCompareIgnoreRuleTest.RootDestinationMatch (0 ms)
[ RUN ] CgroupCompareIgnoreRuleTest.RootDestinationNoMatch
[ OK ] CgroupCompareIgnoreRuleTest.RootDestinationNoMatch (0 ms)
[----------] 13 tests from CgroupCompareIgnoreRuleTest (3 ms total)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:18:48 +0000 (23:18 +0000)]
api.c: Add logic to process ignore rules
This commit updates the cgrulesengd logic that matches the new pid
to its corresponding rule by adding support for ignore rules. If
a user has created an ignore rule and the pid matches that rule
completely, then cgrulesengd will perform no further processing
(e.g. moving the pid to a different cgroup) on that pid. It is
assumed that a separate process - outside of libcgroup - will
manage that process and its cgroups.
For the above example:
* A new process named "foo" spawned in the IgnoreCgroup will be
ignored by cgrulesengd and will not be moved to DefaultCgroup
* A new process named "bar" spawned in the root cgroup will not
match the ignore rule and will be moved to the DefaultCgroup
by the second rule
* Any processes not in IgnoreCgroup will be automatically moved
to the default cgroup
For the above example:
* A new process named "bar" spawned in IgnoreCgroup2/childcg
will match the first rule and thus be ignored by cgrulesengd
and will not be moved
* In fact, any process in IgnoreCgroup2 or its children cgroup(s)
will be ignored by cgrulesengd
* cgrulesengd will attempt to move all other processes that don't
match the ignore rule to the default cgroup
<user> <controller> <destination> <options>
jdoe:foo cpu IgnoreCgroup ignore
* cpu DefaultCgroup
For the above example:
* If a process named "foo" is spawned by user jdoe and is in the
IgnoreCgroup cgroup, then cgrulesengd will ignore it and it
will not be moved
* If a process named "bar" is spawned in IgnoreCgroup, it will
not match the first rule and will fall into the default
rule. Thus it will be moved to the DefaultCgroup
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:16:15 +0000 (23:16 +0000)]
tests: Add unit tests for cg_get_cgroups_from_proc_cgroups()
The following tests are in this commit:
ReadSingleLine() - Read a single valid line with a non-root controller
ReadSingleLine2() - Read a single valid line with a root controller
ReadEmptyController() - Some systems list a controller with no name.
This test simulates that scenario
ReadExampleFile() - Read several lines that are similar to a typical
/proc/{pid}/cgroups file
The results from googletest are reported below:
[----------] 4 tests from GetCgroupsFromProcCgroupsTest
[ RUN ] GetCgroupsFromProcCgroupsTest.ReadSingleLine
[ OK ] GetCgroupsFromProcCgroupsTest.ReadSingleLine (0 ms)
[ RUN ] GetCgroupsFromProcCgroupsTest.ReadSingleLine2
[ OK ] GetCgroupsFromProcCgroupsTest.ReadSingleLine2 (1 ms)
[ RUN ] GetCgroupsFromProcCgroupsTest.ReadEmptyController
[ OK ] GetCgroupsFromProcCgroupsTest.ReadEmptyController (0 ms)
[ RUN ] GetCgroupsFromProcCgroupsTest.ReadExampleFile
[ OK ] GetCgroupsFromProcCgroupsTest.ReadExampleFile (0 ms)
[----------] 4 tests from GetCgroupsFromProcCgroupsTest (1 ms total)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:16:00 +0000 (23:16 +0000)]
api.c: Add function to read /proc/{pid}/cgroup
This commit adds a function that, given a pid, can read in
the controllers and cgroups listed in /proc/{pid}/cgroup.
The caller is expected to allocate the controller_list[]
and cgroup_list[] arrays as well as null each entry in the
arrays. cg_get_cgroups_from_proc_cgroups() will allocate
the necessary memory for each string within the arrays.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:15:32 +0000 (23:15 +0000)]
tests: Add unit tests for cgroup_parse_rules_options()
The following tests are in this commit:
RulesOptions_Ignore() - The valid option "ignore" is tested
RulesOptions_IgnoreWithComma() - The valid (but syntactically
strange) option "ignore," is tested
RulesOptions_InvalidOption() - An invalid option is tested
RulesOptions_InvalidOption2() - An invalid option along with
a valid option is tested
RulesOptions_EmptyOptions() - An empty string is tested
RulesOptions_NullOptions() - A null-pointer option string is
tested
The results from googletest are reported below:
[----------] 6 tests from ParseRulesOptionsTest
[ RUN ] ParseRulesOptionsTest.RulesOptions_Ignore
[ OK ] ParseRulesOptionsTest.RulesOptions_Ignore (0 ms)
[ RUN ] ParseRulesOptionsTest.RulesOptions_IgnoreWithComma
[ OK ] ParseRulesOptionsTest.RulesOptions_IgnoreWithComma (0 ms)
[ RUN ] ParseRulesOptionsTest.RulesOptions_InvalidOption
[ OK ] ParseRulesOptionsTest.RulesOptions_InvalidOption (0 ms)
[ RUN ] ParseRulesOptionsTest.RulesOptions_InvalidOption2
[ OK ] ParseRulesOptionsTest.RulesOptions_InvalidOption2 (0 ms)
[ RUN ] ParseRulesOptionsTest.RulesOptions_EmptyOptions
[ OK ] ParseRulesOptionsTest.RulesOptions_EmptyOptions (0 ms)
[ RUN ] ParseRulesOptionsTest.RulesOptions_NullOptions
[ OK ] ParseRulesOptionsTest.RulesOptions_NullOptions (0 ms)
[----------] 6 tests from ParseRulesOptionsTest (0 ms total)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:15:11 +0000 (23:15 +0000)]
api.c: Add options field for rules defined in cgrules conf file
This commit adds a fourth field called options to the rules
entry in cgrules configuration files. Note that the field is
optional and existing rules will be parsed exactly as before.
Also, this commit only adds the parsing of the options field.
It doesn't change the rule behavior logic; that will come in
a subsequent commit.
An example cgrules.conf using this feature:
<user> <controller> <destination> <options>
* cpu MyCgroup ignore
* cpu DefaultCgroup
In the above example (and once the subsequent processing is
added), any process currently in the cpu controller and
MyCgroup will be ignored by cgrulesengd. In other words,
cgrules will not try to move these processes to another cgroup
or manage them in any fashion. It is anticipated that a
separate user process (outside of the scope of libcgroup) will
manage pids in this scenario.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 18 Nov 2019 16:32:08 +0000 (16:32 +0000)]
api: Increase MAX_MNT_ELEMENTS to 16
Newer kernels now support many cgroup controllers; thus we
need to increase the number of elements we can safely read
from /proc/{pid}/cgroup. This commit increases the number
of elements from 8 to 16.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Mon, 4 Nov 2019 23:14:16 +0000 (23:14 +0000)]
tests: Add STATIC and UNIT_TEST definitions to automake files
This commit adds two new definitions to the automake Makefile.am
files. This change has no effect on the deliverable binaries.
STATIC - For a standard libcgroup library build, STATIC is equal
to the "static" keyword and behaves exactly the same.
For a unit test build, STATIC is mapped to an empty
string. This allows the unit tests to invoke static
functions that would otherwise be unavailable to the
test suite.
UNIT_TEST - This define is used in libcgroup-internal.h to
wrap the function prototypes of STATIC functions.
In a standard libcgroup library build, UNIT_TEST
is _not_ defined, and thus the prototypes are not
available. In a unit test build, UNIT_TEST is
defined and the function prototypes are available
for the unit tests to use.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Tom Hromatka [Thu, 10 Oct 2019 15:52:03 +0000 (09:52 -0600)]
README: Add README.md
This commit adds README.md. It contains graphics that show the
status of the continuous integration and code coverage results.
It also contains a link to the original README. Note that github
doesn't allow the inlining of files in markdown due to security
concerns, so a link is the best we can do.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Mon, 23 Sep 2019 22:14:50 +0000 (22:14 +0000)]
tests: Gather code coverage data after a successful CI run
Upon successful completion of a continuous integration (CI) build
through Travis CI, this commit enables coveralls.io to generate
code coverage results by utilizing the gcov data generated
during both the unit and functional test runs.
Note that the m4/ax_code_coverage.m4 file is provided by the
autoconf team, and it has been used verbatim. The original
file is available here:
https://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/ax_code_coverage.m4
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Mon, 23 Sep 2019 22:09:48 +0000 (22:09 +0000)]
tests: Switch to using LXD for functional tests
Prior to this commit, the functional tests used LXC. LXD is
better for configuring a shared device between the host and
container that can be written to by the container. This
feature is critical for tracking code coverage in the
functional tests.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Thu, 19 Sep 2019 20:55:12 +0000 (14:55 -0600)]
tests: Disable the legacy tests
The legacy tests do not successfully run in Travis CI. This
commit disables them from running but does leave the test
code in place. The future of these tests and whether they will
be removed from the repo or not will be revisited at a later
date.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Thu, 19 Sep 2019 20:51:55 +0000 (14:51 -0600)]
tests: Use python3 in the functional tests
Python 2.7 will not be maintained beyond January 1, 2020. To
avoid potential problems when python 2 is retired, this commit
explicitly instructs the functional tests to use python3.
Suggested-by: Michal Koutný <mkoutny@suse.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Mon, 7 Oct 2019 20:44:46 +0000 (14:44 -0600)]
tests: Fix inconsistent return value in functional test's Container() class
This commit fixes the Container() class' inconsistent usage
of decode(). In the rootfs() method, it returned a binary
array in one case and a string in another. Now the rootfs()
method will always return a string.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Mon, 7 Oct 2019 20:42:21 +0000 (14:42 -0600)]
tests: Fix errors in functional test error path handling
The RunError() exception class had two bugs that prevented
it from properly formatting a run exception:
1) It wasn't being created properly due to a misplaced
parenthesis
2) It had a syntax error in its __str__() method where
it was using self.message rather than self.command
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
Tom Hromatka [Thu, 19 Sep 2019 20:40:37 +0000 (14:40 -0600)]
tests: Improve the unit test framework integration with automake
Prior to this commit, the unit test framework behaved slightly
differently depending upon how the libcgroup git repo was
cloned. This commit standardizes the unit test framework's
behavior by initializing the googletest submodule when
bootstrap.sh is invoked.
This commit also cleans up a potential issue on some versions
of automake that don't properly expand $(top_builddir) early
in the automake process.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
projects / thirdparty / libcgroup.git / log
