Revert "Revert "libprocessgroup: Add support for SetUserProfiles""
This reverts commit aee11b0a3d.
This change was originally reverted because its only user was reverted
under b/243096961 at ag/19679188. We bring it back now with a fixed user.
Bug: 236708592
Bug: 148425913
Ignore-AOSP-First: Topic with AMS changes which is developed on git_master
Change-Id: I2a8ae0d9faabe7950b758a09870d128889be4d0a
This commit is contained in:
T.J. Mercier
parent
7846256e32
commit
673da5b972
5 changed files with 81 additions and 0 deletions
|
|
@ -35,6 +35,7 @@ bool CgroupGetAttributePathForTask(const std::string& attr_name, int tid, std::s
|
|||
|
||||
bool SetTaskProfiles(int tid, const std::vector<std::string>& profiles, bool use_fd_cache = false);
|
||||
bool SetProcessProfiles(uid_t uid, pid_t pid, const std::vector<std::string>& profiles);
|
||||
bool SetUserProfiles(uid_t uid, const std::vector<std::string>& profiles);
|
||||
|
||||
__END_DECLS
|
||||
|
||||
|
|
|
|||
|
|
@ -195,6 +195,11 @@ extern "C" bool android_set_process_profiles(uid_t uid, pid_t pid, size_t num_pr
|
|||
return SetProcessProfiles(uid, pid, std::span<const std::string_view>(profiles_));
|
||||
}
|
||||
|
||||
bool SetUserProfiles(uid_t uid, const std::vector<std::string>& profiles) {
|
||||
return TaskProfiles::GetInstance().SetUserProfiles(uid, std::span<const std::string>(profiles),
|
||||
false);
|
||||
}
|
||||
|
||||
static std::string ConvertUidToPath(const char* cgroup, uid_t uid) {
|
||||
return StringPrintf("%s/uid_%d", cgroup, uid);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -139,6 +139,17 @@ bool ProfileAttribute::GetPathForTask(int tid, std::string* path) const {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool ProfileAttribute::GetPathForUID(uid_t uid, std::string* path) const {
|
||||
if (path == nullptr) {
|
||||
return true;
|
||||
}
|
||||
|
||||
const std::string& file_name =
|
||||
controller()->version() == 2 && !file_v2_name_.empty() ? file_v2_name_ : file_name_;
|
||||
*path = StringPrintf("%s/uid_%d/%s", controller()->path(), uid, file_name.c_str());
|
||||
return true;
|
||||
}
|
||||
|
||||
bool SetClampsAction::ExecuteForProcess(uid_t, pid_t) const {
|
||||
// TODO: add support when kernel supports util_clamp
|
||||
LOG(WARNING) << "SetClampsAction::ExecuteForProcess is not supported";
|
||||
|
|
@ -225,6 +236,29 @@ bool SetAttributeAction::ExecuteForTask(int tid) const {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool SetAttributeAction::ExecuteForUID(uid_t uid) const {
|
||||
std::string path;
|
||||
|
||||
if (!attribute_->GetPathForUID(uid, &path)) {
|
||||
LOG(ERROR) << "Failed to find cgroup for uid " << uid;
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!WriteStringToFile(value_, path)) {
|
||||
if (access(path.c_str(), F_OK) < 0) {
|
||||
if (optional_) {
|
||||
return true;
|
||||
} else {
|
||||
LOG(ERROR) << "No such cgroup attribute: " << path;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
PLOG(ERROR) << "Failed to write '" << value_ << "' to " << path;
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
SetCgroupAction::SetCgroupAction(const CgroupController& c, const std::string& p)
|
||||
: controller_(c), path_(p) {
|
||||
FdCacheHelper::Init(controller_.GetTasksFilePath(path_), fd_[ProfileAction::RCT_TASK]);
|
||||
|
|
@ -552,6 +586,16 @@ bool TaskProfile::ExecuteForTask(int tid) const {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool TaskProfile::ExecuteForUID(uid_t uid) const {
|
||||
for (const auto& element : elements_) {
|
||||
if (!element->ExecuteForUID(uid)) {
|
||||
LOG(VERBOSE) << "Applying profile action " << element->Name() << " failed";
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
void TaskProfile::EnableResourceCaching(ProfileAction::ResourceCacheType cache_type) {
|
||||
if (res_cached_) {
|
||||
return;
|
||||
|
|
@ -804,6 +848,24 @@ const IProfileAttribute* TaskProfiles::GetAttribute(std::string_view name) const
|
|||
return nullptr;
|
||||
}
|
||||
|
||||
template <typename T>
|
||||
bool TaskProfiles::SetUserProfiles(uid_t uid, std::span<const T> profiles, bool use_fd_cache) {
|
||||
for (const auto& name : profiles) {
|
||||
TaskProfile* profile = GetProfile(name);
|
||||
if (profile != nullptr) {
|
||||
if (use_fd_cache) {
|
||||
profile->EnableResourceCaching(ProfileAction::RCT_PROCESS);
|
||||
}
|
||||
if (!profile->ExecuteForUID(uid)) {
|
||||
PLOG(WARNING) << "Failed to apply " << name << " process profile";
|
||||
}
|
||||
} else {
|
||||
PLOG(WARNING) << "Failed to find " << name << "process profile";
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
template <typename T>
|
||||
bool TaskProfiles::SetProcessProfiles(uid_t uid, pid_t pid, std::span<const T> profiles,
|
||||
bool use_fd_cache) {
|
||||
|
|
@ -857,3 +919,5 @@ template bool TaskProfiles::SetTaskProfiles(int tid, std::span<const std::string
|
|||
bool use_fd_cache);
|
||||
template bool TaskProfiles::SetTaskProfiles(int tid, std::span<const std::string_view> profiles,
|
||||
bool use_fd_cache);
|
||||
template bool TaskProfiles::SetUserProfiles(uid_t uid, std::span<const std::string> profiles,
|
||||
bool use_fd_cache);
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ class IProfileAttribute {
|
|||
virtual const CgroupController* controller() const = 0;
|
||||
virtual const std::string& file_name() const = 0;
|
||||
virtual bool GetPathForTask(int tid, std::string* path) const = 0;
|
||||
virtual bool GetPathForUID(uid_t uid, std::string* path) const = 0;
|
||||
};
|
||||
|
||||
class ProfileAttribute : public IProfileAttribute {
|
||||
|
|
@ -53,6 +54,7 @@ class ProfileAttribute : public IProfileAttribute {
|
|||
void Reset(const CgroupController& controller, const std::string& file_name) override;
|
||||
|
||||
bool GetPathForTask(int tid, std::string* path) const override;
|
||||
bool GetPathForUID(uid_t uid, std::string* path) const override;
|
||||
|
||||
private:
|
||||
CgroupController controller_;
|
||||
|
|
@ -72,6 +74,7 @@ class ProfileAction {
|
|||
// Default implementations will fail
|
||||
virtual bool ExecuteForProcess(uid_t, pid_t) const { return false; };
|
||||
virtual bool ExecuteForTask(int) const { return false; };
|
||||
virtual bool ExecuteForUID(uid_t) const { return false; };
|
||||
|
||||
virtual void EnableResourceCaching(ResourceCacheType) {}
|
||||
virtual void DropResourceCaching(ResourceCacheType) {}
|
||||
|
|
@ -116,6 +119,7 @@ class SetAttributeAction : public ProfileAction {
|
|||
const char* Name() const override { return "SetAttribute"; }
|
||||
bool ExecuteForProcess(uid_t uid, pid_t pid) const override;
|
||||
bool ExecuteForTask(int tid) const override;
|
||||
bool ExecuteForUID(uid_t uid) const override;
|
||||
|
||||
private:
|
||||
const IProfileAttribute* attribute_;
|
||||
|
|
@ -179,6 +183,7 @@ class TaskProfile {
|
|||
|
||||
bool ExecuteForProcess(uid_t uid, pid_t pid) const;
|
||||
bool ExecuteForTask(int tid) const;
|
||||
bool ExecuteForUID(uid_t uid) const;
|
||||
void EnableResourceCaching(ProfileAction::ResourceCacheType cache_type);
|
||||
void DropResourceCaching(ProfileAction::ResourceCacheType cache_type);
|
||||
|
||||
|
|
@ -216,6 +221,8 @@ class TaskProfiles {
|
|||
bool SetProcessProfiles(uid_t uid, pid_t pid, std::span<const T> profiles, bool use_fd_cache);
|
||||
template <typename T>
|
||||
bool SetTaskProfiles(int tid, std::span<const T> profiles, bool use_fd_cache);
|
||||
template <typename T>
|
||||
bool SetUserProfiles(uid_t uid, std::span<const T> profiles, bool use_fd_cache);
|
||||
|
||||
private:
|
||||
TaskProfiles();
|
||||
|
|
|
|||
|
|
@ -121,6 +121,10 @@ class ProfileAttributeMock : public IProfileAttribute {
|
|||
return true;
|
||||
};
|
||||
|
||||
bool GetPathForUID(uid_t, std::string*) const override {
|
||||
return false;
|
||||
}
|
||||
|
||||
private:
|
||||
const std::string file_name_;
|
||||
};
|
||||
|
|
|
|||
Loading…
Reference in a new issue