Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 78effbf4 authored by T.J. Mercier's avatar T.J. Mercier Committed by Gerrit Code Review
Browse files

Merge "libprocessgroup: Support memcg v1 per-app with... 

Merge "libprocessgroup: Support memcg v1 per-app with PRODUCT_CGROUP_V2_SYS_APP_ISOLATION_ENABLED" into main
parents 0d6baa13 c897b0a8

libprocessgroup/processgroup.cpp

+12 −11
Original line number Original line Diff line number Diff line
@@ -85,7 +85,8 @@ static bool CgroupKillAvailable() { 
        CgroupGetControllerPath(CGROUPV2_HIERARCHY_NAME, &cg_kill);

        CgroupGetControllerPath(CGROUPV2_HIERARCHY_NAME, &cg_kill);

        // cgroup.kill is not on the root cgroup, so check a non-root cgroup that should always

        // cgroup.kill is not on the root cgroup, so check a non-root cgroup that should always

        // exist

        // exist

        cg_kill = ConvertUidToPath(cg_kill.c_str(), AID_ROOT) + '/' + PROCESSGROUP_CGROUP_KILL_FILE;

        cg_kill = ConvertUidToPath(cg_kill.c_str(), AID_ROOT, true) + '/' +

            PROCESSGROUP_CGROUP_KILL_FILE;

        cgroup_kill_available = access(cg_kill.c_str(), F_OK) == 0;

        cgroup_kill_available = access(cg_kill.c_str(), F_OK) == 0;

    });

    });
@@ -241,14 +242,14 @@ bool SetUserProfiles(uid_t uid, const std::vector<std::string>& profiles) { 
                                                       false);

                                                       false);

}

}





static int RemoveCgroup(const char* cgroup, uid_t uid, pid_t pid) {

static int RemoveCgroup(const char* cgroup, uid_t uid, pid_t pid, bool v2_path) {

    auto path = ConvertUidPidToPath(cgroup, uid, pid);

    auto path = ConvertUidPidToPath(cgroup, uid, pid, v2_path);

    int ret = TEMP_FAILURE_RETRY(rmdir(path.c_str()));

    int ret = TEMP_FAILURE_RETRY(rmdir(path.c_str()));





    if (!ret && uid >= AID_ISOLATED_START && uid <= AID_ISOLATED_END) {

    if (!ret && uid >= AID_ISOLATED_START && uid <= AID_ISOLATED_END) {

        // Isolated UIDs are unlikely to be reused soon after removal,

        // Isolated UIDs are unlikely to be reused soon after removal,

        // so free up the kernel resources for the UID level cgroup.

        // so free up the kernel resources for the UID level cgroup.

        path = ConvertUidToPath(cgroup, uid);

        path = ConvertUidToPath(cgroup, uid, v2_path);

        ret = TEMP_FAILURE_RETRY(rmdir(path.c_str()));

        ret = TEMP_FAILURE_RETRY(rmdir(path.c_str()));

    }

    }
@@ -385,7 +386,7 @@ bool sendSignalToProcessGroup(uid_t uid, pid_t initialPid, int signal) { 
    if (CgroupsAvailable()) {

    if (CgroupsAvailable()) {

        std::string hierarchy_root_path, cgroup_v2_path;

        std::string hierarchy_root_path, cgroup_v2_path;

        CgroupGetControllerPath(CGROUPV2_HIERARCHY_NAME, &hierarchy_root_path);

        CgroupGetControllerPath(CGROUPV2_HIERARCHY_NAME, &hierarchy_root_path);

        cgroup_v2_path = ConvertUidPidToPath(hierarchy_root_path.c_str(), uid, initialPid);

        cgroup_v2_path = ConvertUidPidToPath(hierarchy_root_path.c_str(), uid, initialPid, true);





        if (signal == SIGKILL && CgroupKillAvailable()) {

        if (signal == SIGKILL && CgroupKillAvailable()) {

            LOG(VERBOSE) << "Using " << PROCESSGROUP_CGROUP_KILL_FILE << " to SIGKILL "

            LOG(VERBOSE) << "Using " << PROCESSGROUP_CGROUP_KILL_FILE << " to SIGKILL "
@@ -556,7 +557,7 @@ static int KillProcessGroup( 
    CgroupGetControllerPath(CGROUPV2_HIERARCHY_NAME, &hierarchy_root_path);

    CgroupGetControllerPath(CGROUPV2_HIERARCHY_NAME, &hierarchy_root_path);





    const std::string cgroup_v2_path =

    const std::string cgroup_v2_path =

            ConvertUidPidToPath(hierarchy_root_path.c_str(), uid, initialPid);

            ConvertUidPidToPath(hierarchy_root_path.c_str(), uid, initialPid, true);





    const std::string eventsfile = cgroup_v2_path + '/' + PROCESSGROUP_CGROUP_EVENTS_FILE;

    const std::string eventsfile = cgroup_v2_path + '/' + PROCESSGROUP_CGROUP_EVENTS_FILE;

    android::base::unique_fd events_fd(open(eventsfile.c_str(), O_RDONLY));

    android::base::unique_fd events_fd(open(eventsfile.c_str(), O_RDONLY));
@@ -622,7 +623,7 @@ static int KillProcessGroup( 
                         << " after " << kill_duration.count() << " ms";

                         << " after " << kill_duration.count() << " ms";

        }

        }





        ret = RemoveCgroup(hierarchy_root_path.c_str(), uid, initialPid);

        ret = RemoveCgroup(hierarchy_root_path.c_str(), uid, initialPid, true);

        if (ret)

        if (ret)

            PLOG(ERROR) << "Unable to remove cgroup " << cgroup_v2_path;

            PLOG(ERROR) << "Unable to remove cgroup " << cgroup_v2_path;

        else

        else
@@ -633,9 +634,9 @@ static int KillProcessGroup( 
            // memcg v2.

            // memcg v2.

            std::string memcg_apps_path;

            std::string memcg_apps_path;

            if (CgroupGetMemcgAppsPath(&memcg_apps_path) &&

            if (CgroupGetMemcgAppsPath(&memcg_apps_path) &&

                (ret = RemoveCgroup(memcg_apps_path.c_str(), uid, initialPid)) < 0) {

                (ret = RemoveCgroup(memcg_apps_path.c_str(), uid, initialPid, false)) < 0) {

                const auto memcg_v1_cgroup_path =

                const auto memcg_v1_cgroup_path =

                        ConvertUidPidToPath(memcg_apps_path.c_str(), uid, initialPid);

                        ConvertUidPidToPath(memcg_apps_path.c_str(), uid, initialPid, false);

                PLOG(ERROR) << "Unable to remove memcg v1 cgroup " << memcg_v1_cgroup_path;

                PLOG(ERROR) << "Unable to remove memcg v1 cgroup " << memcg_v1_cgroup_path;

            }

            }

        }

        }
@@ -657,7 +658,7 @@ int killProcessGroupOnce(uid_t uid, pid_t initialPid, int signal) { 




static int createProcessGroupInternal(uid_t uid, pid_t initialPid, std::string cgroup,

static int createProcessGroupInternal(uid_t uid, pid_t initialPid, std::string cgroup,

                                      bool activate_controllers) {

                                      bool activate_controllers) {

    auto uid_path = ConvertUidToPath(cgroup.c_str(), uid);

    auto uid_path = ConvertUidToPath(cgroup.c_str(), uid, activate_controllers);





    struct stat cgroup_stat;

    struct stat cgroup_stat;

    mode_t cgroup_mode = 0750;

    mode_t cgroup_mode = 0750;
@@ -684,7 +685,7 @@ static int createProcessGroupInternal(uid_t uid, pid_t initialPid, std::string c 
        }

        }

    }

    }





    auto uid_pid_path = ConvertUidPidToPath(cgroup.c_str(), uid, initialPid);

    auto uid_pid_path = ConvertUidPidToPath(cgroup.c_str(), uid, initialPid, activate_controllers);





    if (!MkdirAndChown(uid_pid_path, cgroup_mode, cgroup_uid, cgroup_gid)) {

    if (!MkdirAndChown(uid_pid_path, cgroup_mode, cgroup_uid, cgroup_gid)) {

        PLOG(ERROR) << "Failed to make and chown " << uid_pid_path;

        PLOG(ERROR) << "Failed to make and chown " << uid_pid_path;

libprocessgroup/task_profiles.cpp

+6 −6
Original line number Original line Diff line number Diff line
@@ -150,8 +150,8 @@ static bool isSystemApp(uid_t uid) { 
    return uid < AID_APP_START;

    return uid < AID_APP_START;

}

}





std::string ConvertUidToPath(const char* root_cgroup_path, uid_t uid) {

std::string ConvertUidToPath(const char* root_cgroup_path, uid_t uid, bool v2_path) {

    if (android::libprocessgroup_flags::cgroup_v2_sys_app_isolation()) {

    if (android::libprocessgroup_flags::cgroup_v2_sys_app_isolation() && v2_path) {

        if (isSystemApp(uid))

        if (isSystemApp(uid))

            return StringPrintf("%s/system/uid_%u", root_cgroup_path, uid);

            return StringPrintf("%s/system/uid_%u", root_cgroup_path, uid);

        else

        else
@@ -160,14 +160,14 @@ std::string ConvertUidToPath(const char* root_cgroup_path, uid_t uid) { 
    return StringPrintf("%s/uid_%u", root_cgroup_path, uid);

    return StringPrintf("%s/uid_%u", root_cgroup_path, uid);

}

}





std::string ConvertUidPidToPath(const char* root_cgroup_path, uid_t uid, pid_t pid) {

std::string ConvertUidPidToPath(const char* root_cgroup_path, uid_t uid, pid_t pid, bool v2_path) {

    const std::string uid_path = ConvertUidToPath(root_cgroup_path, uid);

    const std::string uid_path = ConvertUidToPath(root_cgroup_path, uid, v2_path);

    return StringPrintf("%s/pid_%d", uid_path.c_str(), pid);

    return StringPrintf("%s/pid_%d", uid_path.c_str(), pid);

}

}





bool ProfileAttribute::GetPathForProcess(uid_t uid, pid_t pid, std::string* path) const {

bool ProfileAttribute::GetPathForProcess(uid_t uid, pid_t pid, std::string* path) const {

    if (controller()->version() == 2) {

    if (controller()->version() == 2) {

        const std::string cgroup_path = ConvertUidPidToPath(controller()->path(), uid, pid);

        const std::string cgroup_path = ConvertUidPidToPath(controller()->path(), uid, pid, true);

        *path = cgroup_path + "/" + file_name();

        *path = cgroup_path + "/" + file_name();

        return true;

        return true;

    }

    }
@@ -199,7 +199,7 @@ bool ProfileAttribute::GetPathForUID(uid_t uid, std::string* path) const { 
        return true;

        return true;

    }

    }





    const std::string cgroup_path = ConvertUidToPath(controller()->path(), uid);

    const std::string cgroup_path = ConvertUidToPath(controller()->path(), uid, true);

    *path = cgroup_path + "/" + file_name();

    *path = cgroup_path + "/" + file_name();

    return true;

    return true;

}

}

libprocessgroup/task_profiles.h

+2 −2
Original line number Original line Diff line number Diff line
@@ -258,5 +258,5 @@ class TaskProfiles { 
    std::map<std::string, std::unique_ptr<IProfileAttribute>, std::less<>> attributes_;

    std::map<std::string, std::unique_ptr<IProfileAttribute>, std::less<>> attributes_;

};

};





std::string ConvertUidToPath(const char* root_cgroup_path, uid_t uid);

std::string ConvertUidToPath(const char* root_cgroup_path, uid_t uid, bool v2_path);

std::string ConvertUidPidToPath(const char* root_cgroup_path, uid_t uid, pid_t pid);
 
std::string ConvertUidPidToPath(const char* root_cgroup_path, uid_t uid, pid_t pid, bool v2_path);