1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
/*
* Copyright IBM Corporation. 2008
*
* Author: Dhaval Giani <dhaval@linux.vnet.ibm.com>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of version 2.1 of the GNU Lesser General Public License
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it would be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
*/
#ifndef __LIBCG_INTERNAL
#define __LIBCG_INTERNAL
__BEGIN_DECLS
#include "config.h"
#include <fts.h>
#include <libcgroup.h>
#include <limits.h>
#include <pthread.h>
#include <sys/stat.h>
#include <sys/types.h>
/* Maximum number of mount points/controllers */
#define MAX_MNT_ELEMENTS 8
/* Estimated number of groups created */
#define MAX_GROUP_ELEMENTS 128
#define CG_NV_MAX 100
#define CG_CONTROLLER_MAX 100
/* Max number of mounted hierarchies. Event if one controller is mounted per
* hier, it can not exceed CG_CONTROLLER_MAX
*/
#define CG_HIER_MAX CG_CONTROLLER_MAX
/* Definitions for the uid and gid members of a cgroup_rules */
#define CGRULE_INVALID (-1)
#define CGRULE_WILD (-2)
#define CGRULE_SUCCESS_STORE_PID "SUCCESS_STORE_PID"
#define CGRULES_CONF_FILE "/etc/cgrules.conf"
#define CGRULES_MAX_FIELDS_PER_LINE 3
#define CGROUP_BUFFER_LEN (5 * FILENAME_MAX)
/* Maximum length of a key(<user>:<process name>) in the daemon config file */
#define CGROUP_RULE_MAXKEY (LOGIN_NAME_MAX + FILENAME_MAX + 1)
/* Maximum length of a line in the daemon config file */
#define CGROUP_RULE_MAXLINE (FILENAME_MAX + CGROUP_RULE_MAXKEY + \
CG_CONTROLLER_MAX + 3)
#ifdef CGROUP_DEBUG
#define cgroup_dbg(x...) printf(x)
#else
#define cgroup_dbg(x...) do {} while (0)
#endif
#define max(x,y) ((y)<(x)?(x):(y))
#define min(x,y) ((y)>(x)?(x):(y))
struct control_value {
char name[FILENAME_MAX];
char value[CG_VALUE_MAX];
};
struct cgroup_controller {
char name[FILENAME_MAX];
struct control_value *values[CG_NV_MAX];
int index;
};
struct cgroup {
char name[FILENAME_MAX];
struct cgroup_controller *controller[CG_CONTROLLER_MAX];
int index;
uid_t tasks_uid;
gid_t tasks_gid;
uid_t control_uid;
gid_t control_gid;
};
struct cg_mount_table_s {
char name[FILENAME_MAX];
char path[FILENAME_MAX];
int index;
};
struct cgroup_rules_data {
pid_t pid; /* pid of the process which needs to change group */
/* Details of user under consideration for destination cgroup */
struct passwd *pw;
/* Gid of the process */
gid_t gid;
};
/* A rule that maps UID/GID to a cgroup */
struct cgroup_rule {
uid_t uid;
gid_t gid;
char *procname;
char username[LOGIN_NAME_MAX];
char destination[FILENAME_MAX];
char *controllers[MAX_MNT_ELEMENTS];
struct cgroup_rule *next;
};
/* Container for a list of rules */
struct cgroup_rule_list {
struct cgroup_rule *head;
struct cgroup_rule *tail;
int len;
};
/*The walk_tree handle */
struct cgroup_tree_handle {
FTS *fts;
int flags;
};
/**
* per thread errno variable, to be used when return code is ECGOTHER
*/
extern __thread int last_errno;
/* Internal API */
char *cg_build_path(const char *name, char *path, const char *type);
int cgroup_get_uid_gid_from_procfs(pid_t pid, uid_t *euid, gid_t *egid);
int cgroup_get_procname_from_procfs(pid_t pid, char **procname);
int cg_mkdir_p(const char *path);
struct cgroup *create_cgroup_from_name_value_pairs(const char *name,
struct control_value *name_value, int nv_number);
/*
* Main mounting structures
*/
struct cg_mount_table_s cg_mount_table[CG_CONTROLLER_MAX];
static pthread_rwlock_t cg_mount_table_lock = PTHREAD_RWLOCK_INITIALIZER;
/*
* config related structures
*/
extern __thread char *cg_namespace_table[CG_CONTROLLER_MAX];
/*
* config related API
*/
int cgroup_config_insert_cgroup(char *cg_name);
int cgroup_config_parse_controller_options(char *controller, char *name_value);
int cgroup_config_group_task_perm(char *perm_type, char *value);
int cgroup_config_group_admin_perm(char *perm_type, char *value);
int cgroup_config_insert_into_mount_table(char *name, char *mount_point);
int cgroup_config_insert_into_namespace_table(char *name, char *mount_point);
void cgroup_config_cleanup_mount_table(void);
__END_DECLS
#endif
|
