github.com/anonymouse64/snapd@v0.0.0-20210824153203-04c4c42d842d/cmd/libsnap-confine-private/cgroup-freezer-support.c (about) 1 /* 2 * Copyright (C) 2019 Canonical Ltd 3 * 4 * This program is free software: you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License version 3 as 6 * published by the Free Software Foundation. 7 * 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * GNU General Public License for more details. 12 * 13 * You should have received a copy of the GNU General Public License 14 * along with this program. If not, see <http://www.gnu.org/licenses/>. 15 * 16 */ 17 18 // For AT_EMPTY_PATH and O_PATH 19 #define _GNU_SOURCE 20 21 #include "cgroup-freezer-support.h" 22 23 #include <errno.h> 24 #include <fcntl.h> 25 #include <limits.h> 26 #include <string.h> 27 #include <sys/stat.h> 28 #include <sys/types.h> 29 #include <unistd.h> 30 31 #include "cgroup-support.h" 32 #include "cleanup-funcs.h" 33 #include "string-utils.h" 34 #include "utils.h" 35 36 static const char *freezer_cgroup_dir = "/sys/fs/cgroup/freezer"; 37 38 void sc_cgroup_freezer_join(const char *snap_name, pid_t pid) 39 { 40 char buf[PATH_MAX] = { 0 }; 41 sc_must_snprintf(buf, sizeof buf, "snap.%s", snap_name); 42 sc_cgroup_create_and_join(freezer_cgroup_dir, buf, pid); 43 } 44 45 bool sc_cgroup_freezer_occupied(const char *snap_name) 46 { 47 // Format the name of the cgroup hierarchy. 48 char buf[PATH_MAX] = { 0 }; 49 sc_must_snprintf(buf, sizeof buf, "snap.%s", snap_name); 50 51 // Open the freezer cgroup directory. 52 int cgroup_fd SC_CLEANUP(sc_cleanup_close) = -1; 53 cgroup_fd = open(freezer_cgroup_dir, 54 O_PATH | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC); 55 if (cgroup_fd < 0) { 56 die("cannot open freezer cgroup (%s)", freezer_cgroup_dir); 57 } 58 // Open the proc directory. 59 int proc_fd SC_CLEANUP(sc_cleanup_close) = -1; 60 proc_fd = open("/proc", O_PATH | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC); 61 if (proc_fd < 0) { 62 die("cannot open /proc"); 63 } 64 // Open the hierarchy directory for the given snap. 65 int hierarchy_fd SC_CLEANUP(sc_cleanup_close) = -1; 66 hierarchy_fd = openat(cgroup_fd, buf, 67 O_PATH | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC); 68 if (hierarchy_fd < 0) { 69 if (errno == ENOENT) { 70 return false; 71 } 72 die("cannot open freezer cgroup hierarchy for snap %s", 73 snap_name); 74 } 75 // Open the "cgroup.procs" file. Alternatively we could open the "tasks" 76 // file and see per-thread data but we don't need that. 77 int cgroup_procs_fd SC_CLEANUP(sc_cleanup_close) = -1; 78 cgroup_procs_fd = openat(hierarchy_fd, "cgroup.procs", 79 O_RDONLY | O_NOFOLLOW | O_CLOEXEC); 80 if (cgroup_procs_fd < 0) { 81 die("cannot open cgroup.procs file for freezer cgroup hierarchy for snap %s", snap_name); 82 } 83 84 FILE *cgroup_procs SC_CLEANUP(sc_cleanup_file) = NULL; 85 cgroup_procs = fdopen(cgroup_procs_fd, "r"); 86 if (cgroup_procs == NULL) { 87 die("cannot convert cgroups.procs file descriptor to FILE"); 88 } 89 cgroup_procs_fd = -1; // cgroup_procs_fd will now be closed by fclose. 90 91 char *line_buf SC_CLEANUP(sc_cleanup_string) = NULL; 92 size_t line_buf_size = 0; 93 ssize_t num_read; 94 struct stat statbuf; 95 for (;;) { 96 num_read = getline(&line_buf, &line_buf_size, cgroup_procs); 97 if (num_read < 0 && errno != 0) { 98 die("cannot read next PID belonging to snap %s", 99 snap_name); 100 } 101 if (num_read <= 0) { 102 break; 103 } else { 104 if (line_buf[num_read - 1] == '\n') { 105 line_buf[num_read - 1] = '\0'; 106 } else { 107 die("could not find newline in cgroup.procs"); 108 } 109 } 110 debug("found process id: %s\n", line_buf); 111 112 if (fstatat(proc_fd, line_buf, &statbuf, AT_SYMLINK_NOFOLLOW) < 113 0) { 114 // The process may have died already. 115 if (errno != ENOENT) { 116 die("cannot stat /proc/%s", line_buf); 117 } 118 continue; 119 } 120 debug("found live process %s belonging to user %d", 121 line_buf, statbuf.st_uid); 122 return true; 123 } 124 125 return false; 126 }