From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 6 Oct 2023 16:38:22 +0000 (+0200)
Subject: cgroup: rename cgroup_modify_nft_set() → unit_modify_nft_set()
X-Git-Tag: v255-rc1~298^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=49b6babb76c306ccf9a06845cd6a4cb2083e051a;p=thirdparty%2Fsystemd.git

cgroup: rename cgroup_modify_nft_set() → unit_modify_nft_set()

This is the only function that cgroup.h exports that is prefixed with
cgroup_ where this does not refer to some type such as CGroupContext or
CGroupTasksMax or so. It simply operates on a unit. And it doesn't even
modify a cgroup, but just modifies an nft set.

Hence, to make the naming scheme systematic, change prefix from cgroup_
to unit_, matching the majority of the functions that operate on Unit*
in the file.
---

diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index e2046f2c869..b6c1a7265e9 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -1387,19 +1387,20 @@ static void cgroup_apply_firewall(Unit *u) {
         (void) bpf_firewall_install(u);
 }
 
-void cgroup_modify_nft_set(Unit *u, bool add) {
+void unit_modify_nft_set(Unit *u, bool add) {
         int r;
-        CGroupContext *c;
 
         assert(u);
 
         if (!MANAGER_IS_SYSTEM(u->manager))
                 return;
 
+        if (!UNIT_HAS_CGROUP_CONTEXT(u))
+                return;
+
         if (cg_all_unified() <= 0)
                 return;
 
-        assert_se(c = unit_get_cgroup_context(u));
         if (u->cgroup_id == 0)
                 return;
 
@@ -1411,6 +1412,8 @@ void cgroup_modify_nft_set(Unit *u, bool add) {
                 assert(u->manager->fw_ctx);
         }
 
+        CGroupContext *c = ASSERT_PTR(unit_get_cgroup_context(u));
+
         FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) {
                 uint64_t element = u->cgroup_id;
 
@@ -1864,7 +1867,7 @@ static void cgroup_context_apply(
         if (apply_mask & CGROUP_MASK_BPF_RESTRICT_NETWORK_INTERFACES)
                 cgroup_apply_restrict_network_interfaces(u);
 
-        cgroup_modify_nft_set(u, /* add = */ true);
+        unit_modify_nft_set(u, /* add = */ true);
 }
 
 static bool unit_get_needs_bpf_firewall(Unit *u) {
@@ -3042,7 +3045,7 @@ void unit_prune_cgroup(Unit *u) {
         (void) lsm_bpf_cleanup(u); /* Remove cgroup from the global LSM BPF map */
 #endif
 
-        cgroup_modify_nft_set(u, /* add = */ false);
+        unit_modify_nft_set(u, /* add = */ false);
 
         is_root_slice = unit_has_name(u, SPECIAL_ROOT_SLICE);
 
diff --git a/src/core/cgroup.h b/src/core/cgroup.h
index bd6345820c5..b189ed7485b 100644
--- a/src/core/cgroup.h
+++ b/src/core/cgroup.h
@@ -278,7 +278,7 @@ static inline bool cgroup_context_want_memory_pressure(const CGroupContext *c) {
 int cgroup_context_add_device_allow(CGroupContext *c, const char *dev, const char *mode);
 int cgroup_context_add_bpf_foreign_program(CGroupContext *c, uint32_t attach_type, const char *path);
 
-void cgroup_modify_nft_set(Unit *u, bool add);
+void unit_modify_nft_set(Unit *u, bool add);
 
 CGroupMask unit_get_own_mask(Unit *u);
 CGroupMask unit_get_delegate_mask(Unit *u);
diff --git a/src/core/unit.c b/src/core/unit.c
index eed092b4dcc..109148b02ab 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -3843,10 +3843,7 @@ int unit_coldplug(Unit *u) {
         if (u->nop_job)
                 RET_GATHER(r, job_coldplug(u->nop_job));
 
-        CGroupContext *c = unit_get_cgroup_context(u);
-        if (c)
-                cgroup_modify_nft_set(u, /* add = */ true);
-
+        unit_modify_nft_set(u, /* add = */ true);
         return r;
 }