1 /* 2 * Copyright 2014 Google, Inc 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <sys/cdefs.h> 20 #include <sys/types.h> 21 #include <initializer_list> 22 #include <span> 23 #include <string> 24 #include <string_view> 25 #include <vector> 26 27 __BEGIN_DECLS 28 29 static constexpr const char* CGROUPV2_CONTROLLER_NAME = "cgroup2"; 30 31 bool CgroupsAvailable(); 32 bool CgroupGetControllerPath(const std::string& cgroup_name, std::string* path); 33 bool CgroupGetControllerFromPath(const std::string& path, std::string* cgroup_name); 34 bool CgroupGetAttributePath(const std::string& attr_name, std::string* path); 35 bool CgroupGetAttributePathForTask(const std::string& attr_name, int tid, std::string* path); 36 37 bool SetTaskProfiles(int tid, const std::vector<std::string>& profiles, bool use_fd_cache = false); 38 bool SetProcessProfiles(uid_t uid, pid_t pid, const std::vector<std::string>& profiles); 39 bool SetUserProfiles(uid_t uid, const std::vector<std::string>& profiles); 40 41 __END_DECLS 42 43 bool SetTaskProfiles(int tid, std::initializer_list<std::string_view> profiles, 44 bool use_fd_cache = false); 45 bool SetProcessProfiles(uid_t uid, pid_t pid, std::initializer_list<std::string_view> profiles); 46 #if _LIBCPP_STD_VER > 17 47 bool SetTaskProfiles(int tid, std::span<const std::string_view> profiles, 48 bool use_fd_cache = false); 49 bool SetProcessProfiles(uid_t uid, pid_t pid, std::span<const std::string_view> profiles); 50 #endif 51 52 __BEGIN_DECLS 53 54 #ifndef __ANDROID_VNDK__ 55 56 bool SetProcessProfilesCached(uid_t uid, pid_t pid, const std::vector<std::string>& profiles); 57 58 static constexpr const char* CGROUPS_RC_PATH = "/dev/cgroup_info/cgroup.rc"; 59 60 bool UsePerAppMemcg(); 61 62 // Drop the fd cache of cgroup path. It is used for when resource caching is enabled and a process 63 // loses the access to the path, the access checking (See SetCgroupAction::EnableResourceCaching) 64 // should be active again. E.g. Zygote specialization for child process. 65 void DropTaskProfilesResourceCaching(); 66 67 // Return 0 and removes the cgroup if there are no longer any processes in it. 68 // Returns -1 in the case of an error occurring or if there are processes still running 69 // even after retrying for up to 200ms. 70 // If max_processes is not nullptr, it returns the maximum number of processes seen in the cgroup 71 // during the killing process. Note that this can be 0 if all processes from the process group have 72 // already been terminated. 73 int killProcessGroup(uid_t uid, int initialPid, int signal, int* max_processes = nullptr); 74 75 // Returns the same as killProcessGroup(), however it does not retry, which means 76 // that it only returns 0 in the case that the cgroup exists and it contains no processes. 77 int killProcessGroupOnce(uid_t uid, int initialPid, int signal, int* max_processes = nullptr); 78 79 // Sends the provided signal to all members of a process group, but does not wait for processes to 80 // exit, or for the cgroup to be removed. Callers should also ensure that killProcessGroup is called 81 // later to ensure the cgroup is fully removed, otherwise system resources may leak. 82 int sendSignalToProcessGroup(uid_t uid, int initialPid, int signal); 83 84 int createProcessGroup(uid_t uid, int initialPid, bool memControl = false); 85 86 // Set various properties of a process group. For these functions to work, the process group must 87 // have been created by passing memControl=true to createProcessGroup. 88 bool setProcessGroupSwappiness(uid_t uid, int initialPid, int swappiness); 89 bool setProcessGroupSoftLimit(uid_t uid, int initialPid, int64_t softLimitInBytes); 90 bool setProcessGroupLimit(uid_t uid, int initialPid, int64_t limitInBytes); 91 92 void removeAllProcessGroups(void); 93 void removeAllEmptyProcessGroups(void); 94 95 // Provides the path for an attribute in a specific process group 96 // Returns false in case of error, true in case of success 97 bool getAttributePathForTask(const std::string& attr_name, int tid, std::string* path); 98 99 // Check if a profile can be applied without failing. 100 // Returns true if it can be applied without failing, false otherwise 101 bool isProfileValidForProcess(const std::string& profile_name, int uid, int pid); 102 103 #endif // __ANDROID_VNDK__ 104 105 __END_DECLS 106